Security Updates
Portal container images are scanned using Trivy for HIGH and CRITICAL vulnerabilities.
Latest 1.4.x Gloo Portal Release: v1.4.6
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.4.6 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-34156 | stdlib | HIGH | v1.21.13 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.4.6 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.4.6 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-34156 | stdlib | HIGH | v1.21.13 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.4.6 (alpine 3.20.3)
Release v1.4.5
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.4.5 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-34156 | stdlib | HIGH | v1.21.13 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.4.5 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.4.5 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-34156 | stdlib | HIGH | v1.21.13 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.4.5 (alpine 3.18.6)
Release v1.4.4
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.4.4 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-34156 | stdlib | HIGH | v1.21.13 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.4.4 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.4.4 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-34156 | stdlib | HIGH | v1.21.13 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.4.4 (alpine 3.18.6)
Release v1.4.3
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.4.3 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-34156 | stdlib | HIGH | v1.21.13 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.4.3 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.4.3 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-34156 | stdlib | HIGH | v1.21.13 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.4.3 (alpine 3.18.6)
Release v1.4.2
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.4.2 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2024-34156 | stdlib | HIGH | v1.21.10 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.4.2 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.4.2 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.10 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2024-34156 | stdlib | HIGH | v1.21.10 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.4.2 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
Release v1.4.1
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.4.1 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2024-34156 | stdlib | HIGH | v1.21.9 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.4.1 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.4.1 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.9 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2024-34156 | stdlib | HIGH | v1.21.9 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.4.1 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
Release v1.4.0
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.4.0 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
CVE-2024-34156 | stdlib | HIGH | v1.21.7 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.4.0 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.4.0 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2024-45337 | golang.org/x/crypto | CRITICAL | v0.18.0 | 0.31.0 | https://avd.aquasec.com/nvd/cve-2024-45337 |
CVE-2024-45338 | golang.org/x/net | HIGH | v0.20.0 | 0.33.0 | https://avd.aquasec.com/nvd/cve-2024-45338 |
CVE-2024-10220 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-10220 |
CVE-2024-5321 | k8s.io/kubernetes | HIGH | v1.27.8 | 1.27.16, 1.28.12, 1.29.7, 1.30.3 | https://avd.aquasec.com/nvd/cve-2024-5321 |
CVE-2024-24790 | stdlib | CRITICAL | v1.21.7 | 1.21.11, 1.22.4 | https://avd.aquasec.com/nvd/cve-2024-24790 |
CVE-2023-45288 | stdlib | HIGH | v1.21.7 | 1.21.9, 1.22.2 | https://avd.aquasec.com/nvd/cve-2023-45288 |
CVE-2024-34156 | stdlib | HIGH | v1.21.7 | 1.22.7, 1.23.1 | https://avd.aquasec.com/nvd/cve-2024-34156 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.4.0 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-28757 | libexpat | HIGH | 2.6.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
Latest 1.3.x Gloo Portal Release: v1.3.10
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.3.10 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.10 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.10 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.10 (alpine 3.20.3)
Release v1.3.9
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.3.9 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.9 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.9 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.9 (alpine 3.18.6)
Release v1.3.8
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.3.8 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.8 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.8 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.8 (alpine 3.18.6)
Release v1.3.7
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.3.7 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.7 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.7 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.7 (alpine 3.18.6)
Release v1.3.6
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.3.6 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.6 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.6 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.6 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
Release v1.3.5
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.3.5 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.5 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.5 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.5 (alpine 3.18.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.6-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Release v1.3.4
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.3.4 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.4 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.4 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.4 (alpine 3.18.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.6-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Release v1.3.3
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.3.3 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.3 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.3 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.3 (alpine 3.18.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.4-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Release v1.3.2
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.3.2 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.51.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.2 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.2 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.51.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.2 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | curl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r1 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r1 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Release v1.3.1
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.3.1 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.51.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.1 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.1 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.51.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.1 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 8.1.2-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | curl | HIGH | 8.1.2-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 8.1.2-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.1.2-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.1.2-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.1.2-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.1.2-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.1.2-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r1 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Release v1.3.0
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.3.0 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.51.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.3.0 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.3.0 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.51.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.3.0 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 7.88.1-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | curl | HIGH | 7.88.1-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.88.1-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 7.88.1-r1 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 7.88.1-r1 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 7.88.1-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | libcurl | HIGH | 7.88.1-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.88.1-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 7.88.1-r1 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 7.88.1-r1 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-1999 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r2 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-3138 | libx11 | HIGH | 1.8.4-r0 | 1.8.4-r1 | https://avd.aquasec.com/nvd/cve-2023-3138 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r0 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Latest 1.2.x Gloo Portal Release: v1.2.27
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.2.27 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.27 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.27 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.27 (alpine 3.20.3)
Release v1.2.26
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.2.26 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.26 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.26 (alpine 3.17.5)
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.26 (alpine 3.18.6)
Release v1.2.25
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.2.25 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.25 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.25 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.25 (alpine 3.18.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
Release v1.2.24
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.2.24 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.24 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.24 (alpine 3.17.5)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.24 (alpine 3.18.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.5.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.5.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.6-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Release v1.2.23
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.2.23 (alpine 3.17.4)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.23 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.23 (alpine 3.17.4)
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.23 (alpine 3.18.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-2398 | curl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2024-2398 | libcurl | HIGH | 8.4.0-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.4.0-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r1 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r1 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2024-25062 | libxml2 | HIGH | 2.11.4-r0 | 2.11.7-r0 | https://avd.aquasec.com/nvd/cve-2024-25062 |
Release v1.2.22
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.22 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.22 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.22 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.22 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | curl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.2.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.2.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.2.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.2.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.10-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r1 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r1 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Release v1.2.21
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.21 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.21 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.21 (alpine 3.17.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.21 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 8.1.2-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | curl | HIGH | 8.1.2-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 8.1.2-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.1.2-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.1.2-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-38039 | libcurl | HIGH | 8.1.2-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.1.2-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.1.2-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.9-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r2 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r1 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Release v1.2.20
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.20 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.20 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.20 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.20 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 8.0.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | curl | HIGH | 8.0.1-r0 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 8.0.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 8.0.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 8.0.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 8.0.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | libcurl | HIGH | 8.0.1-r0 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 8.0.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 8.0.1-r0 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 8.0.1-r0 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r4 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-1999 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r2 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-3138 | libx11 | HIGH | 1.8.4-r0 | 1.8.4-r1 | https://avd.aquasec.com/nvd/cve-2023-3138 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r0 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Release v1.2.19
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.19 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.19 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.19 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.19 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 7.88.1-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | curl | HIGH | 7.88.1-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.88.1-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 7.88.1-r1 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 7.88.1-r1 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 7.88.1-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | libcurl | HIGH | 7.88.1-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.88.1-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 7.88.1-r1 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 7.88.1-r1 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r3 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-1999 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r2 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-3138 | libx11 | HIGH | 1.8.4-r0 | 1.8.4-r1 | https://avd.aquasec.com/nvd/cve-2023-3138 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r0 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Release v1.2.18
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.18 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.18 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.18 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.7.0 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.18 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 7.88.1-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | curl | HIGH | 7.88.1-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.88.1-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 7.88.1-r1 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 7.88.1-r1 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 7.88.1-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | libcurl | HIGH | 7.88.1-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.88.1-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 7.88.1-r1 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 7.88.1-r1 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r1 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-1999 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r2 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-3138 | libx11 | HIGH | 1.8.4-r0 | 1.8.4-r1 | https://avd.aquasec.com/nvd/cve-2023-3138 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r0 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Release v1.2.17
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.17 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41723 | golang.org/x/net | HIGH | v0.1.1-0.20221104162952-702349b0e862 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.1.1-0.20221104162952-702349b0e862 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.17 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.17 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25883 | semver | HIGH | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.1.1-0.20221104162952-702349b0e862 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.1.1-0.20221104162952-702349b0e862 | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.17 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-38545 | curl | CRITICAL | 7.87.0-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-27533 | curl | HIGH | 7.87.0-r2 | 7.88.1-r1 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.87.0-r2 | 7.88.1-r1 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.87.0-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.87.0-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | curl | HIGH | 7.87.0-r2 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | curl | HIGH | 7.87.0-r2 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-5363 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-38545 | libcurl | CRITICAL | 7.87.0-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-27533 | libcurl | HIGH | 7.87.0-r2 | 7.88.1-r1 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.87.0-r2 | 7.88.1-r1 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.87.0-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.87.0-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2024-2398 | libcurl | HIGH | 7.87.0-r2 | 8.7.1-r0 | https://avd.aquasec.com/nvd/cve-2024-2398 |
CVE-2024-6197 | libcurl | HIGH | 7.87.0-r2 | 8.9.0-r0 | https://avd.aquasec.com/nvd/cve-2024-6197 |
CVE-2023-52425 | libexpat | HIGH | 2.5.0-r0 | 2.6.0-r0 | https://avd.aquasec.com/nvd/cve-2023-52425 |
CVE-2024-28757 | libexpat | HIGH | 2.5.0-r0 | 2.6.2-r0 | https://avd.aquasec.com/nvd/cve-2024-28757 |
CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-5363 | libssl3 | HIGH | 3.0.8-r0 | 3.0.12-r0 | https://avd.aquasec.com/nvd/cve-2023-5363 |
CVE-2023-1999 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r2 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-3138 | libx11 | HIGH | 1.8.4-r0 | 1.8.4-r1 | https://avd.aquasec.com/nvd/cve-2023-3138 |
CVE-2023-43787 | libx11 | HIGH | 1.8.4-r0 | 1.8.7-r0 | https://avd.aquasec.com/nvd/cve-2023-43787 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-3970 | tiff | HIGH | 4.4.0-r1 | 4.4.0-r2 | https://avd.aquasec.com/nvd/cve-2022-3970 |
Release v1.2.16
Gloo Portal gloo-portal-controller image
No scan found
Gloo Portal gloo-portal-admin-envoy image
No scan found
Gloo Portal gloo-portal-admin-server image
No scan found
Gloo Portal gloo-portal-admin-ui image
No scan found
Release v1.2.15
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.15 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.15 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.15 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.15 (alpine 3.16.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r5 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.83.1-r5 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r5 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r5 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r5 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r5 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r5 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.83.1-r5 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r5 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r5 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r5 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r5 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.2.14
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.14 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.14 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.14 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.14 (alpine 3.16.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r5 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.83.1-r5 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r5 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r5 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r5 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r5 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r5 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.83.1-r5 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r5 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r5 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r5 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r5 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.2.13
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.13 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.13 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.13 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r1 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.13 (alpine 3.16.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.83.1-r4 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.83.1-r4 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1s-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.2.12
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.12 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.12 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.12 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.12 (alpine 3.16.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.83.1-r4 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.83.1-r4 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.2.11
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.11 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.11 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.11 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.11 (alpine 3.16.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.83.1-r4 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.83.1-r4 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.2.10
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.10 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.10 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.10 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.49.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.10 (alpine 3.16.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-32221 | curl | CRITICAL | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r3 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.83.1-r3 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-42915 | curl | HIGH | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r3 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r3 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r3 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r3 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r3 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32221 | libcurl | CRITICAL | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r3 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.83.1-r3 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-42915 | libcurl | HIGH | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r3 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r3 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r3 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r3 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r3 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r1 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r1 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.2.9
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.9 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-36085 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.43.1 | https://avd.aquasec.com/nvd/cve-2022-36085 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.46.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.9 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.9 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-36085 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.43.1 | https://avd.aquasec.com/nvd/cve-2022-36085 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.46.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.9 (alpine 3.16.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-32221 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.83.1-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-42915 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32221 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.83.1-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-42915 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.2.8
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.8 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-36085 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.43.1 | https://avd.aquasec.com/nvd/cve-2022-36085 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.46.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.8 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.8 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-36085 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.43.1 | https://avd.aquasec.com/nvd/cve-2022-36085 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.46.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.8 (alpine 3.16.0)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-32221 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.83.1-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-42915 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32221 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.83.1-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-42915 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Release v1.2.7
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.7 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-36085 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.43.1 | https://avd.aquasec.com/nvd/cve-2022-36085 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.46.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.7 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.20 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.7 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-36085 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.43.1 | https://avd.aquasec.com/nvd/cve-2022-36085 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.46.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.7 (alpine 3.16.0)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-30065 | busybox | HIGH | 1.35.0-r14 | 1.35.0-r15 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-32221 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.83.1-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-42915 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32221 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.83.1-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-42915 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.2-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.2-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
CVE-2022-30065 | ssl_client | HIGH | 1.35.0-r14 | 1.35.0-r15 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Release v1.2.6
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.6 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-29244 | npm | HIGH | 8.8.0 | 8.11.0 | https://avd.aquasec.com/nvd/cve-2022-29244 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.6 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.17 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.17 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.6 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-29244 | npm | HIGH | 8.8.0 | 8.11.0 | https://avd.aquasec.com/nvd/cve-2022-29244 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.6 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-32207 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-32221 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.80.0-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-27780 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27780 |
CVE-2022-27781 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-42915 | curl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.80.0-r1 | 7.80.0-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.80.0-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.80.0-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32207 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-32221 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.80.0-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-27780 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27780 |
CVE-2022-27781 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-42915 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.80.0-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.80.0-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.2-r0 | 1.2.2-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.2-r0 | 1.2.2-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r2 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r2 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.46.0-r0 | 1.46.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.46.0-r0 | 1.46.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Release v1.2.5
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.5 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-29244 | npm | HIGH | 8.8.0 | 8.11.0 | https://avd.aquasec.com/nvd/cve-2022-29244 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.5 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.17 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.17 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.5 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-29244 | npm | HIGH | 8.8.0 | 8.11.0 | https://avd.aquasec.com/nvd/cve-2022-29244 |
CVE-2022-25883 | semver | HIGH | 7.3.7 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.5 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-32207 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-32221 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.80.0-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-27780 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27780 |
CVE-2022-27781 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-42915 | curl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.80.0-r1 | 7.80.0-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.80.0-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.80.0-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32207 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-32221 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.80.0-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-27780 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27780 |
CVE-2022-27781 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-42915 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.80.0-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.80.0-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1o-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.2-r0 | 1.2.2-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.2-r0 | 1.2.2-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r2 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r2 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.46.0-r0 | 1.46.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.46.0-r0 | 1.46.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-1586 | pcre2 | CRITICAL | 10.39-r0 | 10.40-r0 | https://avd.aquasec.com/nvd/cve-2022-1586 |
CVE-2022-1587 | pcre2 | CRITICAL | 10.39-r0 | 10.40-r0 | https://avd.aquasec.com/nvd/cve-2022-1587 |
CVE-2022-41409 | pcre2 | HIGH | 10.39-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Release v1.2.4
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.4 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2022-29244 | npm | HIGH | 8.5.0 | 8.11.0 | https://avd.aquasec.com/nvd/cve-2022-29244 |
CVE-2022-25883 | semver | HIGH | 7.3.5 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.4 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.4 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2022-29244 | npm | HIGH | 8.5.0 | 8.11.0 | https://avd.aquasec.com/nvd/cve-2022-29244 |
CVE-2022-25883 | semver | HIGH | 7.3.5 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.4 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-32207 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-32221 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.80.0-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-27780 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27780 |
CVE-2022-27781 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-42915 | curl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.80.0-r1 | 7.80.0-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.80.0-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.80.0-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-27404 | freetype | CRITICAL | 2.11.1-r0 | 2.11.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.11.1-r0 | 2.11.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.11.1-r0 | 2.11.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32207 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-32221 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.80.0-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-27780 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27780 |
CVE-2022-27781 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-42915 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.80.0-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.80.0-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.2-r0 | 1.2.2-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.2-r0 | 1.2.2-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.13-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.13-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.13-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r2 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r2 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.46.0-r0 | 1.46.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.46.0-r0 | 1.46.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-1586 | pcre2 | CRITICAL | 10.39-r0 | 10.40-r0 | https://avd.aquasec.com/nvd/cve-2022-1586 |
CVE-2022-1587 | pcre2 | CRITICAL | 10.39-r0 | 10.40-r0 | https://avd.aquasec.com/nvd/cve-2022-1587 |
CVE-2022-41409 | pcre2 | HIGH | 10.39-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Release v1.2.3
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.3 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2022-29244 | npm | HIGH | 8.5.0 | 8.11.0 | https://avd.aquasec.com/nvd/cve-2022-29244 |
CVE-2022-25883 | semver | HIGH | 7.3.5 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.3 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.3 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2022-29244 | npm | HIGH | 8.5.0 | 8.11.0 | https://avd.aquasec.com/nvd/cve-2022-29244 |
CVE-2022-25883 | semver | HIGH | 7.3.5 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.3 (alpine 3.15.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-32207 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-32221 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.80.0-r1 | 7.80.0-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | curl | CRITICAL | 7.80.0-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-27780 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27780 |
CVE-2022-27781 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-42915 | curl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.80.0-r1 | 7.80.0-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.80.0-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.80.0-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-27404 | freetype | CRITICAL | 2.11.1-r0 | 2.11.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.11.1-r0 | 2.11.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.11.1-r0 | 2.11.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32207 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-32221 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.80.0-r1 | 7.80.0-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2023-38545 | libcurl | CRITICAL | 7.80.0-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-27780 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27780 |
CVE-2022-27781 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-42915 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.80.0-r1 | 7.80.0-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.80.0-r1 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.80.0-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.80.0-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.2-r0 | 1.2.2-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.2-r0 | 1.2.2-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.13-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.13-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.13-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r2 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20211120-r0 | 6.3_p20211120-r2 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.46.0-r0 | 1.46.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.46.0-r0 | 1.46.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-1586 | pcre2 | CRITICAL | 10.39-r0 | 10.40-r0 | https://avd.aquasec.com/nvd/cve-2022-1586 |
CVE-2022-1587 | pcre2 | CRITICAL | 10.39-r0 | 10.40-r0 | https://avd.aquasec.com/nvd/cve-2022-1587 |
CVE-2022-41409 | pcre2 | HIGH | 10.39-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Release v1.2.2
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.2 (alpine 3.15.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.34.1-r4 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.4-r2 | 3.3.4-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-28391 | ssl_client | HIGH | 1.34.1-r4 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2022-25883 | semver | HIGH | 5.7.1 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.2 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.2 (alpine 3.15.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r0 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2022-25883 | semver | HIGH | 5.7.1 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.2 (alpine 3.13.7)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-32207 | curl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-32207 | libcurl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.2.1
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.1 (alpine 3.15.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.34.1-r4 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.4-r2 | 3.3.4-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-28391 | ssl_client | HIGH | 1.34.1-r4 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2022-25883 | semver | HIGH | 5.7.1 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.1 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.1 (alpine 3.15.1)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.34.1-r4 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-28391 | ssl_client | HIGH | 1.34.1-r4 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r0 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2022-25883 | semver | HIGH | 5.7.1 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.1 (alpine 3.13.7)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-32207 | curl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-32207 | libcurl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.2.0
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.2.0 (alpine 3.15.0)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.34.1-r3 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r7 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r7 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r7 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r7 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r7 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.4-r2 | 3.3.4-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r7 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r7 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r7 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r7 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r7 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-28391 | ssl_client | HIGH | 1.34.1-r3 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2022-25883 | semver | HIGH | 5.7.1 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.2.0 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.2.0 (alpine 3.15.0)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.34.1-r4 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r8 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r8 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r8 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r8 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r8 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.4-r2 | 3.3.4-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r8 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r8 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r8 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r8 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r8 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-28391 | ssl_client | HIGH | 1.34.1-r4 | 1.34.1-r5 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2022-25883 | semver | HIGH | 5.7.1 | 7.5.2, 6.3.1, 5.7.2 | https://avd.aquasec.com/nvd/cve-2022-25883 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2024-27289 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2 | https://avd.aquasec.com/nvd/cve-2024-27289 |
CVE-2024-27304 | github.com/jackc/pgx | HIGH | v3.6.2+incompatible | 4.18.2, 5.5.4 | https://avd.aquasec.com/nvd/cve-2024-27304 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.11.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210817164053-32db794688a5 | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2023-39325 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.17.0 | https://avd.aquasec.com/nvd/cve-2023-39325 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
GHSA-m425-mq94-257g | google.golang.org/grpc | HIGH | v1.44.0 | 1.56.3, 1.57.1, 1.58.3 | https://github.com/advisories/GHSA-m425-mq94-257g |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.2.0 (alpine 3.13.7)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-32207 | curl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-32207 | libcurl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Latest 1.1.x Gloo Portal Release: v1.1.11
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.1.11 (alpine 3.17.3)
No Vulnerabilities Found for Node.js
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.11 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.11 (alpine 3.17.3)
No Vulnerabilities Found for Node.js
No Vulnerabilities Found for usr/local/bin/adminserver
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.11 (alpine 3.17.3)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-28319 | curl | HIGH | 8.0.1-r0 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 8.0.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | curl | HIGH | 8.0.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | libcurl | HIGH | 8.0.1-r0 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 8.0.1-r0 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | libcurl | HIGH | 8.0.1-r0 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-1999 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r2 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-3138 | libx11 | HIGH | 1.8.4-r0 | 1.8.4-r1 | https://avd.aquasec.com/nvd/cve-2023-3138 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Release v1.1.10
Gloo Portal gloo-portal-controller image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-controller:1.1.10 (alpine 3.17.2)
No Vulnerabilities Found for Node.js
No Vulnerabilities Found for usr/local/bin/gloo-portal-controller
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.10 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.10 (alpine 3.17.2)
No Vulnerabilities Found for Node.js
No Vulnerabilities Found for usr/local/bin/adminserver
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.10 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-28319 | curl | HIGH | 7.88.1-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.88.1-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | curl | HIGH | 7.88.1-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-28319 | libcurl | HIGH | 7.88.1-r1 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.88.1-r1 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | libcurl | HIGH | 7.88.1-r1 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-1999 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r2 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-3138 | libx11 | HIGH | 1.8.4-r0 | 1.8.4-r1 | https://avd.aquasec.com/nvd/cve-2023-3138 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
Release v1.1.9
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.9 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41723 | golang.org/x/net | HIGH | v0.1.1-0.20221104162952-702349b0e862 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
Gloo Portal gloo-portal-admin-envoy image
No Vulnerabilities Found for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.9 (ubuntu 18.04)
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.9 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
No Vulnerabilities Found for Node.js
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41723 | golang.org/x/net | HIGH | v0.1.1-0.20221104162952-702349b0e862 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.9 (alpine 3.17.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-27533 | curl | HIGH | 7.87.0-r2 | 7.88.1-r1 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.87.0-r2 | 7.88.1-r1 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.87.0-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.87.0-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | curl | HIGH | 7.87.0-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-0464 | libcrypto3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-27533 | libcurl | HIGH | 7.87.0-r2 | 7.88.1-r1 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.87.0-r2 | 7.88.1-r1 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.87.0-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.87.0-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | libcurl | HIGH | 7.87.0-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2023-0464 | libssl3 | HIGH | 3.0.8-r0 | 3.0.8-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r2 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.4-r1 | 1.2.4-r3 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-3138 | libx11 | HIGH | 1.8.4-r0 | 1.8.4-r1 | https://avd.aquasec.com/nvd/cve-2023-3138 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20221119-r0 | 6.3_p20221119-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2023-44487 | nghttp2-libs | HIGH | 1.51.0-r0 | 1.51.0-r2 | https://avd.aquasec.com/nvd/cve-2023-44487 |
CVE-2022-3970 | tiff | HIGH | 4.4.0-r1 | 4.4.0-r2 | https://avd.aquasec.com/nvd/cve-2022-3970 |
Release v1.1.8
Gloo Portal gloo-portal-controller image
No scan found
Gloo Portal gloo-portal-admin-envoy image
No scan found
Gloo Portal gloo-portal-admin-server image
No scan found
Gloo Portal gloo-portal-admin-ui image
No scan found
Release v1.1.7
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.7 (alpine 3.15.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.7 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.7 (alpine 3.15.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.7 (alpine 3.16.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | curl | HIGH | 7.83.1-r4 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r4 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r4 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r4 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r4 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r4 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | libcurl | HIGH | 7.83.1-r4 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.1.6
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.6 (alpine 3.15.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.6 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.6 (alpine 3.15.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-41721 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.1.1-0.20221104162952-702349b0e862 | https://avd.aquasec.com/nvd/cve-2022-41721 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220906165146-f3363e06e74c | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.6 (alpine 3.16.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-32221 | curl | CRITICAL | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r3 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2022-42915 | curl | HIGH | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r3 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r3 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r3 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r3 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r3 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | curl | HIGH | 7.83.1-r3 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32221 | libcurl | CRITICAL | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r3 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2022-42915 | libcurl | HIGH | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.83.1-r3 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r3 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r3 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r3 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r3 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r3 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | libcurl | HIGH | 7.83.1-r3 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r1 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r1 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.1.5
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.5 (alpine 3.15.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-36085 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.43.1 | https://avd.aquasec.com/nvd/cve-2022-36085 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.5 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.15 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.5 (alpine 3.15.5)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r2 | https://avd.aquasec.com/nvd/cve-2023-0464 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 4.1.0 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-36085 | github.com/open-policy-agent/opa | HIGH | v0.40.0 | 0.43.1 | https://avd.aquasec.com/nvd/cve-2022-36085 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20220114011407-0dd24b26b47d | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.7 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20210107192922-496545a6307b | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.5 (alpine 3.16.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-32221 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | curl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2022-42915 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | curl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | curl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | curl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | curl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | curl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | curl | HIGH | 7.83.1-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-32221 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-32221 |
CVE-2023-23914 | libcurl | CRITICAL | 7.83.1-r2 | 7.83.1-r6 | https://avd.aquasec.com/nvd/cve-2023-23914 |
CVE-2022-42915 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42915 |
CVE-2022-42916 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r4 | https://avd.aquasec.com/nvd/cve-2022-42916 |
CVE-2022-43551 | libcurl | HIGH | 7.83.1-r2 | 7.83.1-r5 | https://avd.aquasec.com/nvd/cve-2022-43551 |
CVE-2023-27533 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27533 |
CVE-2023-27534 | libcurl | HIGH | 7.83.1-r2 | 8.0.1-r0 | https://avd.aquasec.com/nvd/cve-2023-27534 |
CVE-2023-28319 | libcurl | HIGH | 7.83.1-r2 | 8.1.0-r0 | https://avd.aquasec.com/nvd/cve-2023-28319 |
CVE-2023-38039 | libcurl | HIGH | 7.83.1-r2 | 8.3.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38039 |
CVE-2023-38545 | libcurl | HIGH | 7.83.1-r2 | 8.4.0-r0 | https://avd.aquasec.com/nvd/cve-2023-38545 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2023-1999 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r1 | https://avd.aquasec.com/nvd/cve-2023-1999 |
CVE-2023-4863 | libwebp | HIGH | 1.2.3-r0 | 1.2.3-r2 | https://avd.aquasec.com/nvd/cve-2023-4863 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.14-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2023-29491 | ncurses-libs | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-29491 | ncurses-terminfo-base | HIGH | 6.3_p20220521-r0 | 6.3_p20220521-r1 | https://avd.aquasec.com/nvd/cve-2023-29491 |
CVE-2023-35945 | nghttp2-libs | HIGH | 1.47.0-r0 | 1.47.0-r1 | https://avd.aquasec.com/nvd/cve-2023-35945 |
CVE-2022-41409 | pcre2 | HIGH | 10.40-r0 | 10.42-r0 | https://avd.aquasec.com/nvd/cve-2022-41409 |
Release v1.1.4
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.4 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.4 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.4 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1q-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r1 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.4 (alpine 3.13.7)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-32207 | curl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-32207 | libcurl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.1.3
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.3 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.3 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.3 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1n-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.12-r0 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.3 (alpine 3.13.7)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-32207 | curl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-32207 | libcurl | CRITICAL | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2022-22576 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.79.1-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r7 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.1.2
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.2 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.2 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.2 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28391 | busybox | HIGH | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r6 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.2 (alpine 3.13.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | curl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.1.1
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.1 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.1 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.1 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.1 (alpine 3.13.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | curl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.1.0
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.1.0 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.1.13, 1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2021-39156 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39156 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.12.4, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.18.4, 1.17.7, 1.16.11 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.1.0 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.1.0 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 6.0.1, 5.0.1, 4.1.1, 3.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 1.2.6, 0.2.4 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.1.0 (alpine 3.13.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | curl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Latest 1.0.x Gloo Portal Release: v1.0.5
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.5 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-40083 | github.com/labstack/echo | CRITICAL | v3.3.10+incompatible | v4.9.0 | https://avd.aquasec.com/nvd/cve-2022-40083 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2022-31045 | istio.io/istio | CRITICAL | v0.0.0-20210423173126-13fb8ac89420 | 1.12.18, 1.13.5, 1.14.1 | https://avd.aquasec.com/nvd/cve-2022-31045 |
CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
CVE-2022-3294 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.22.16, 1.23.14, 1.24.8, 1.25.4 | https://avd.aquasec.com/nvd/cve-2022-3294 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.5 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.5 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.5 (alpine 3.13.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | curl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.0.4
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.4 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-40083 | github.com/labstack/echo | CRITICAL | v3.3.10+incompatible | v4.9.0 | https://avd.aquasec.com/nvd/cve-2022-40083 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2022-31045 | istio.io/istio | CRITICAL | v0.0.0-20210423173126-13fb8ac89420 | 1.12.18, 1.13.5, 1.14.1 | https://avd.aquasec.com/nvd/cve-2022-31045 |
CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
CVE-2022-3294 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.22.16, 1.23.14, 1.24.8, 1.25.4 | https://avd.aquasec.com/nvd/cve-2022-3294 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.4 (ubuntu 18.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2022-0778 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.15 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2023-0286 | openssl | HIGH | 1.1.1-1ubuntu2.1~18.04.13 | 1.1.1-1ubuntu2.1~18.04.21 | https://avd.aquasec.com/nvd/cve-2023-0286 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.4 (alpine 3.14.2)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2022-0778 | libretls | HIGH | 3.3.3p1-r2 | 3.3.3p1-r3 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-4450 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2022-4450 |
CVE-2023-0215 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0215 |
CVE-2023-0286 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r0 | https://avd.aquasec.com/nvd/cve-2023-0286 |
CVE-2023-0464 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1t-r1 | https://avd.aquasec.com/nvd/cve-2023-0464 |
CVE-2021-42378 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r6 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.33.1-r3 | 1.33.1-r7 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210614182718-04defd469f4e | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.6 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.6 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.4 (alpine 3.13.6)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-22945 | curl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | curl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | curl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-22945 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | libcurl | CRITICAL | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22946 | libcurl | HIGH | 7.78.0-r0 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.78.0-r0 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.12-r0 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.12-r0 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.0.3
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.3 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2021-27290 | ssri | HIGH | 6.0.1 | 8.0.1, 7.1.1, 6.0.2 | https://avd.aquasec.com/nvd/cve-2021-27290 |
CVE-2021-32803 | tar | HIGH | 4.4.13 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | https://avd.aquasec.com/nvd/cve-2021-32803 |
CVE-2021-32804 | tar | HIGH | 4.4.13 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | https://avd.aquasec.com/nvd/cve-2021-32804 |
CVE-2021-37701 | tar | HIGH | 4.4.13 | 6.1.7, 5.0.8, 4.4.16 | https://avd.aquasec.com/nvd/cve-2021-37701 |
CVE-2021-37712 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37712 |
CVE-2021-37713 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37713 |
CVE-2020-7774 | y18n | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | https://avd.aquasec.com/nvd/cve-2020-7774 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
CVE-2022-40083 | github.com/labstack/echo | CRITICAL | v3.3.10+incompatible | v4.9.0 | https://avd.aquasec.com/nvd/cve-2022-40083 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-33194 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20210520170846-37e1c6afe023 | https://avd.aquasec.com/nvd/cve-2021-33194 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.5 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.5 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2022-31045 | istio.io/istio | CRITICAL | v0.0.0-20210423173126-13fb8ac89420 | 1.12.18, 1.13.5, 1.14.1 | https://avd.aquasec.com/nvd/cve-2022-31045 |
CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
CVE-2022-3294 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.22.16, 1.23.14, 1.24.8, 1.25.4 | https://avd.aquasec.com/nvd/cve-2022-3294 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.3 (ubuntu 16.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-1971 | libssl1.0.0 | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
CVE-2020-1971 | openssl | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.3 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1l-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2021-27290 | ssri | HIGH | 6.0.1 | 8.0.1, 7.1.1, 6.0.2 | https://avd.aquasec.com/nvd/cve-2021-27290 |
CVE-2021-32803 | tar | HIGH | 4.4.13 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | https://avd.aquasec.com/nvd/cve-2021-32803 |
CVE-2021-32804 | tar | HIGH | 4.4.13 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | https://avd.aquasec.com/nvd/cve-2021-32804 |
CVE-2021-37701 | tar | HIGH | 4.4.13 | 6.1.7, 5.0.8, 4.4.16 | https://avd.aquasec.com/nvd/cve-2021-37701 |
CVE-2021-37712 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37712 |
CVE-2021-37713 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37713 |
CVE-2020-7774 | y18n | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | https://avd.aquasec.com/nvd/cve-2020-7774 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-33194 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20210520170846-37e1c6afe023 | https://avd.aquasec.com/nvd/cve-2021-33194 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.5 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.5 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.3 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | curl | CRITICAL | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | curl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.0.2
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.2 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2021-27290 | ssri | HIGH | 6.0.1 | 8.0.1, 7.1.1, 6.0.2 | https://avd.aquasec.com/nvd/cve-2021-27290 |
CVE-2021-32803 | tar | HIGH | 4.4.13 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | https://avd.aquasec.com/nvd/cve-2021-32803 |
CVE-2021-32804 | tar | HIGH | 4.4.13 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | https://avd.aquasec.com/nvd/cve-2021-32804 |
CVE-2021-37701 | tar | HIGH | 4.4.13 | 6.1.7, 5.0.8, 4.4.16 | https://avd.aquasec.com/nvd/cve-2021-37701 |
CVE-2021-37712 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37712 |
CVE-2021-37713 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37713 |
CVE-2020-7774 | y18n | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | https://avd.aquasec.com/nvd/cve-2020-7774 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
CVE-2022-40083 | github.com/labstack/echo | CRITICAL | v3.3.10+incompatible | v4.9.0 | https://avd.aquasec.com/nvd/cve-2022-40083 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-33194 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20210520170846-37e1c6afe023 | https://avd.aquasec.com/nvd/cve-2021-33194 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.5 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.5 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2022-31045 | istio.io/istio | CRITICAL | v0.0.0-20210423173126-13fb8ac89420 | 1.12.18, 1.13.5, 1.14.1 | https://avd.aquasec.com/nvd/cve-2022-31045 |
CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
CVE-2022-3294 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.22.16, 1.23.14, 1.24.8, 1.25.4 | https://avd.aquasec.com/nvd/cve-2022-3294 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.2 (ubuntu 16.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-1971 | libssl1.0.0 | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
CVE-2020-1971 | openssl | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.2 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2021-27290 | ssri | HIGH | 6.0.1 | 8.0.1, 7.1.1, 6.0.2 | https://avd.aquasec.com/nvd/cve-2021-27290 |
CVE-2021-32803 | tar | HIGH | 4.4.13 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | https://avd.aquasec.com/nvd/cve-2021-32803 |
CVE-2021-32804 | tar | HIGH | 4.4.13 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | https://avd.aquasec.com/nvd/cve-2021-32804 |
CVE-2021-37701 | tar | HIGH | 4.4.13 | 6.1.7, 5.0.8, 4.4.16 | https://avd.aquasec.com/nvd/cve-2021-37701 |
CVE-2021-37712 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37712 |
CVE-2021-37713 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37713 |
CVE-2020-7774 | y18n | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | https://avd.aquasec.com/nvd/cve-2020-7774 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-33194 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20210520170846-37e1c6afe023 | https://avd.aquasec.com/nvd/cve-2021-33194 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.5 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.5 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.2 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | curl | CRITICAL | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | curl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.0.1
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.1 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2021-27290 | ssri | HIGH | 6.0.1 | 8.0.1, 7.1.1, 6.0.2 | https://avd.aquasec.com/nvd/cve-2021-27290 |
CVE-2021-32803 | tar | HIGH | 4.4.13 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | https://avd.aquasec.com/nvd/cve-2021-32803 |
CVE-2021-32804 | tar | HIGH | 4.4.13 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | https://avd.aquasec.com/nvd/cve-2021-32804 |
CVE-2021-37701 | tar | HIGH | 4.4.13 | 6.1.7, 5.0.8, 4.4.16 | https://avd.aquasec.com/nvd/cve-2021-37701 |
CVE-2021-37712 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37712 |
CVE-2021-37713 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37713 |
CVE-2020-7774 | y18n | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | https://avd.aquasec.com/nvd/cve-2020-7774 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
CVE-2022-40083 | github.com/labstack/echo | CRITICAL | v3.3.10+incompatible | v4.9.0 | https://avd.aquasec.com/nvd/cve-2022-40083 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-33194 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20210520170846-37e1c6afe023 | https://avd.aquasec.com/nvd/cve-2021-33194 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.5 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.5 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2022-31045 | istio.io/istio | CRITICAL | v0.0.0-20210423173126-13fb8ac89420 | 1.12.18, 1.13.5, 1.14.1 | https://avd.aquasec.com/nvd/cve-2022-31045 |
CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
CVE-2022-3294 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.22.16, 1.23.14, 1.24.8, 1.25.4 | https://avd.aquasec.com/nvd/cve-2022-3294 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.1 (ubuntu 16.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-1971 | libssl1.0.0 | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
CVE-2020-1971 | openssl | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.1 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2021-27290 | ssri | HIGH | 6.0.1 | 8.0.1, 7.1.1, 6.0.2 | https://avd.aquasec.com/nvd/cve-2021-27290 |
CVE-2021-32803 | tar | HIGH | 4.4.13 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | https://avd.aquasec.com/nvd/cve-2021-32803 |
CVE-2021-32804 | tar | HIGH | 4.4.13 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | https://avd.aquasec.com/nvd/cve-2021-32804 |
CVE-2021-37701 | tar | HIGH | 4.4.13 | 6.1.7, 5.0.8, 4.4.16 | https://avd.aquasec.com/nvd/cve-2021-37701 |
CVE-2021-37712 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37712 |
CVE-2021-37713 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37713 |
CVE-2020-7774 | y18n | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | https://avd.aquasec.com/nvd/cve-2020-7774 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-33194 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20210520170846-37e1c6afe023 | https://avd.aquasec.com/nvd/cve-2021-33194 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.5 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.5 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.1 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | curl | CRITICAL | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | curl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Release v1.0.0
Gloo Portal gloo-portal-controller image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-controller:1.0.0 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2021-27290 | ssri | HIGH | 6.0.1 | 8.0.1, 7.1.1, 6.0.2 | https://avd.aquasec.com/nvd/cve-2021-27290 |
CVE-2021-32803 | tar | HIGH | 4.4.13 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | https://avd.aquasec.com/nvd/cve-2021-32803 |
CVE-2021-32804 | tar | HIGH | 4.4.13 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | https://avd.aquasec.com/nvd/cve-2021-32804 |
CVE-2021-37701 | tar | HIGH | 4.4.13 | 6.1.7, 5.0.8, 4.4.16 | https://avd.aquasec.com/nvd/cve-2021-37701 |
CVE-2021-37712 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37712 |
CVE-2021-37713 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37713 |
CVE-2020-7774 | y18n | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | https://avd.aquasec.com/nvd/cve-2020-7774 |
Vulnerabilities Listed for usr/local/bin/gloo-portal-controller
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
CVE-2022-40083 | github.com/labstack/echo | CRITICAL | v3.3.10+incompatible | v4.9.0 | https://avd.aquasec.com/nvd/cve-2022-40083 |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-33194 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20210520170846-37e1c6afe023 | https://avd.aquasec.com/nvd/cve-2021-33194 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.5 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.5 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
CVE-2022-31045 | istio.io/istio | CRITICAL | v0.0.0-20210423173126-13fb8ac89420 | 1.12.18, 1.13.5, 1.14.1 | https://avd.aquasec.com/nvd/cve-2022-31045 |
CVE-2019-12995 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.2 | https://avd.aquasec.com/nvd/cve-2019-12995 |
CVE-2019-14993 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | v1.2.4 | https://avd.aquasec.com/nvd/cve-2019-14993 |
CVE-2021-39155 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.9.8, 1.10.4, 1.11.1 | https://avd.aquasec.com/nvd/cve-2021-39155 |
CVE-2022-23635 | istio.io/istio | HIGH | v0.0.0-20210423173126-13fb8ac89420 | 1.13.1, 1.11.7, 1.11.7 | https://avd.aquasec.com/nvd/cve-2022-23635 |
CVE-2020-8558 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.16.11, 1.17.7, 1.18.4 | https://avd.aquasec.com/nvd/cve-2020-8558 |
CVE-2021-25741 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.19.15, 1.20.11, 1.21.5, 1.22.2 | https://avd.aquasec.com/nvd/cve-2021-25741 |
CVE-2022-3294 | k8s.io/kubernetes | HIGH | v1.18.2 | 1.22.16, 1.23.14, 1.24.8, 1.25.4 | https://avd.aquasec.com/nvd/cve-2022-3294 |
Gloo Portal gloo-portal-admin-envoy image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-envoy:1.0.0 (ubuntu 16.04)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-1971 | libssl1.0.0 | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
CVE-2020-1971 | openssl | HIGH | 1.0.2g-1ubuntu4.15 | 1.0.2g-1ubuntu4.18 | https://avd.aquasec.com/nvd/cve-2020-1971 |
Gloo Portal gloo-portal-admin-server image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-server:1.0.0 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.5-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r6 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |
Vulnerabilities Listed for Node.js
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-3807 | ansi-regex | HIGH | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 4.1.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2021-3807 | ansi-regex | HIGH | 5.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | https://avd.aquasec.com/nvd/cve-2021-3807 |
CVE-2022-38900 | decode-uri-component | HIGH | 0.2.0 | 0.2.1 | https://avd.aquasec.com/nvd/cve-2022-38900 |
CVE-2022-25881 | http-cache-semantics | HIGH | 3.8.1 | 4.1.1 | https://avd.aquasec.com/nvd/cve-2022-25881 |
CVE-2021-3918 | json-schema | CRITICAL | 0.2.3 | 0.4.0 | https://avd.aquasec.com/nvd/cve-2021-3918 |
CVE-2022-3517 | minimatch | HIGH | 3.0.4 | 3.0.5 | https://avd.aquasec.com/nvd/cve-2022-3517 |
CVE-2021-44906 | minimist | CRITICAL | 1.2.5 | 0.2.4, 1.2.6 | https://avd.aquasec.com/nvd/cve-2021-44906 |
CVE-2022-24999 | qs | HIGH | 6.5.2 | 6.2.4, 6.3.3, 6.4.1, 6.5.3, 6.6.1, 6.7.3, 6.8.3, 6.9.7, 6.10.3 | https://avd.aquasec.com/nvd/cve-2022-24999 |
CVE-2021-27290 | ssri | HIGH | 6.0.1 | 8.0.1, 7.1.1, 6.0.2 | https://avd.aquasec.com/nvd/cve-2021-27290 |
CVE-2021-32803 | tar | HIGH | 4.4.13 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | https://avd.aquasec.com/nvd/cve-2021-32803 |
CVE-2021-32804 | tar | HIGH | 4.4.13 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | https://avd.aquasec.com/nvd/cve-2021-32804 |
CVE-2021-37701 | tar | HIGH | 4.4.13 | 6.1.7, 5.0.8, 4.4.16 | https://avd.aquasec.com/nvd/cve-2021-37701 |
CVE-2021-37712 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37712 |
CVE-2021-37713 | tar | HIGH | 4.4.13 | 6.1.9, 5.0.10, 4.4.18 | https://avd.aquasec.com/nvd/cve-2021-37713 |
CVE-2020-7774 | y18n | HIGH | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | https://avd.aquasec.com/nvd/cve-2020-7774 |
Vulnerabilities Listed for usr/local/bin/adminserver
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2020-26160 | github.com/dgrijalva/jwt-go | HIGH | v3.2.0+incompatible | https://avd.aquasec.com/nvd/cve-2020-26160 | |
CVE-2022-28946 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.40.0 | https://avd.aquasec.com/nvd/cve-2022-28946 |
CVE-2022-33082 | github.com/open-policy-agent/opa | HIGH | v0.29.4 | 0.42.0 | https://avd.aquasec.com/nvd/cve-2022-33082 |
CVE-2022-21698 | github.com/prometheus/client_golang | HIGH | v1.10.0 | 1.11.1 | https://avd.aquasec.com/nvd/cve-2022-21698 |
CVE-2021-43565 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20211202192323-5770296d904e | https://avd.aquasec.com/nvd/cve-2021-43565 |
CVE-2022-27191 | golang.org/x/crypto | HIGH | v0.0.0-20210513164829-c07d793c2f9a | 0.0.0-20220314234659-1baeb1ce4c0b | https://avd.aquasec.com/nvd/cve-2022-27191 |
CVE-2021-33194 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20210520170846-37e1c6afe023 | https://avd.aquasec.com/nvd/cve-2021-33194 |
CVE-2021-44716 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20211209124913-491a49abca63 | https://avd.aquasec.com/nvd/cve-2021-44716 |
CVE-2022-27664 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.0.0-20220906165146-f3363e06e74c | https://avd.aquasec.com/nvd/cve-2022-27664 |
CVE-2022-41723 | golang.org/x/net | HIGH | v0.0.0-20210405180319-a5a99cb37ef4 | 0.7.0 | https://avd.aquasec.com/nvd/cve-2022-41723 |
CVE-2021-38561 | golang.org/x/text | HIGH | v0.3.5 | 0.3.7 | https://avd.aquasec.com/nvd/cve-2021-38561 |
CVE-2022-32149 | golang.org/x/text | HIGH | v0.3.5 | 0.3.8 | https://avd.aquasec.com/nvd/cve-2022-32149 |
CVE-2022-28948 | gopkg.in/yaml.v3 | HIGH | v3.0.0-20200615113413-eeeca48fe776 | 3.0.0-20220521103104-8f96da9f5d5e | https://avd.aquasec.com/nvd/cve-2022-28948 |
Gloo Portal gloo-portal-admin-ui image
Vulnerabilities Listed for gcr.io/gloo-portal/gloo-portal-admin-ui:1.0.0 (alpine 3.13.4)
Vulnerability ID | Package | Severity | Installed Version | Fixed Version | Reference |
---|---|---|---|---|---|
CVE-2021-36159 | apk-tools | CRITICAL | 2.12.4-r0 | 2.12.6-r0 | https://avd.aquasec.com/nvd/cve-2021-36159 |
CVE-2021-30139 | apk-tools | HIGH | 2.12.4-r0 | 2.12.5-r0 | https://avd.aquasec.com/nvd/cve-2021-30139 |
CVE-2021-42378 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | busybox | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2021-22945 | curl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | curl | CRITICAL | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22901 | curl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
CVE-2021-22946 | curl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | curl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | curl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | curl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | curl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2022-27404 | freetype | CRITICAL | 2.10.4-r1 | 2.10.4-r2 | https://avd.aquasec.com/nvd/cve-2022-27404 |
CVE-2022-27405 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27405 |
CVE-2022-27406 | freetype | HIGH | 2.10.4-r1 | 2.10.4-r3 | https://avd.aquasec.com/nvd/cve-2022-27406 |
CVE-2021-3711 | libcrypto1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libcrypto1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-22945 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22945 |
CVE-2022-32207 | libcurl | CRITICAL | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-32207 |
CVE-2021-22901 | libcurl | HIGH | 7.74.0-r1 | 7.77.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22901 |
CVE-2021-22946 | libcurl | HIGH | 7.74.0-r1 | 7.79.0-r0 | https://avd.aquasec.com/nvd/cve-2021-22946 |
CVE-2022-22576 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-22576 |
CVE-2022-27775 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r1 | https://avd.aquasec.com/nvd/cve-2022-27775 |
CVE-2022-27781 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27781 |
CVE-2022-27782 | libcurl | HIGH | 7.74.0-r1 | 7.79.1-r2 | https://avd.aquasec.com/nvd/cve-2022-27782 |
CVE-2021-33560 | libgcrypt | HIGH | 1.8.7-r0 | 1.8.8-r0 | https://avd.aquasec.com/nvd/cve-2021-33560 |
CVE-2021-3711 | libssl1.1 | CRITICAL | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3711 |
CVE-2021-3712 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1l-r0 | https://avd.aquasec.com/nvd/cve-2021-3712 |
CVE-2022-0778 | libssl1.1 | HIGH | 1.1.1k-r0 | 1.1.1n-r0 | https://avd.aquasec.com/nvd/cve-2022-0778 |
CVE-2021-3517 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3517 |
CVE-2021-3518 | libxml2 | HIGH | 2.9.10-r6 | 2.9.10-r7 | https://avd.aquasec.com/nvd/cve-2021-3518 |
CVE-2022-2309 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r1 | https://avd.aquasec.com/nvd/cve-2022-2309 |
CVE-2022-23308 | libxml2 | HIGH | 2.9.10-r6 | 2.9.13-r0 | https://avd.aquasec.com/nvd/cve-2022-23308 |
CVE-2022-40303 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40303 |
CVE-2022-40304 | libxml2 | HIGH | 2.9.10-r6 | 2.9.14-r2 | https://avd.aquasec.com/nvd/cve-2022-40304 |
CVE-2021-30560 | libxslt | HIGH | 1.1.34-r0 | 1.1.35-r0 | https://avd.aquasec.com/nvd/cve-2021-30560 |
CVE-2022-29458 | ncurses-libs | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2022-29458 | ncurses-terminfo-base | HIGH | 6.2_p20210109-r0 | 6.2_p20210109-r1 | https://avd.aquasec.com/nvd/cve-2022-29458 |
CVE-2021-42378 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42378 |
CVE-2021-42379 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42379 |
CVE-2021-42380 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42380 |
CVE-2021-42381 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42381 |
CVE-2021-42382 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42382 |
CVE-2021-42383 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42383 |
CVE-2021-42384 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42384 |
CVE-2021-42385 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42385 |
CVE-2021-42386 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r7 | https://avd.aquasec.com/nvd/cve-2021-42386 |
CVE-2022-28391 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r8 | https://avd.aquasec.com/nvd/cve-2022-28391 |
CVE-2022-30065 | ssl_client | HIGH | 1.32.1-r5 | 1.32.1-r9 | https://avd.aquasec.com/nvd/cve-2022-30065 |
CVE-2022-1271 | xz-libs | HIGH | 5.2.5-r0 | 5.2.5-r1 | https://avd.aquasec.com/nvd/cve-2022-1271 |
CVE-2022-37434 | zlib | CRITICAL | 1.2.11-r3 | 1.2.12-r2 | https://avd.aquasec.com/nvd/cve-2022-37434 |
CVE-2018-25032 | zlib | HIGH | 1.2.11-r3 | 1.2.12-r0 | https://avd.aquasec.com/nvd/cve-2018-25032 |