gloo icon indicating copy to clipboard operation
gloo copied to clipboard

Published 20 hours ago verified publisher icon solo-io

Security Alert: 1.8.36

Open soloio-bot opened this issue 2 years ago • 0 comments

quay.io/solo-io/access-logger:1.8.36

No Vulnerabilities Found for quay.io/solo-io/access-logger:1.8.36 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.8.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220314234659-1baeb1ce4c0b https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2021-33194 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20210520170846-37e1c6afe023 https://avd.aquasec.com/nvd/cve-2021-33194
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

quay.io/solo-io/certgen:1.8.36

No Vulnerabilities Found for quay.io/solo-io/certgen:1.8.36 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.8.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220314234659-1baeb1ce4c0b https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2021-33194 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20210520170846-37e1c6afe023 https://avd.aquasec.com/nvd/cve-2021-33194
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

quay.io/solo-io/discovery:1.8.36

No Vulnerabilities Found for quay.io/solo-io/discovery:1.8.36 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible v3.8.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.8.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220314234659-1baeb1ce4c0b https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2021-33194 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20210520170846-37e1c6afe023 https://avd.aquasec.com/nvd/cve-2021-33194
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

quay.io/solo-io/gateway:1.8.36

No Vulnerabilities Found for quay.io/solo-io/gateway:1.8.36 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/gateway

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible v3.8.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.8.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220314234659-1baeb1ce4c0b https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2021-33194 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20210520170846-37e1c6afe023 https://avd.aquasec.com/nvd/cve-2021-33194
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

quay.io/solo-io/gloo:1.8.36

No Vulnerabilities Found for quay.io/solo-io/gloo:1.8.36 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible v3.8.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.8.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220314234659-1baeb1ce4c0b https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2021-33194 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20210520170846-37e1c6afe023 https://avd.aquasec.com/nvd/cve-2021-33194
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

quay.io/solo-io/gloo-envoy-wrapper:1.8.36

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.8.36 (alpine 3.15.0)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2021-33194 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20210520170846-37e1c6afe023 https://avd.aquasec.com/nvd/cve-2021-33194
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

quay.io/solo-io/ingress:1.8.36

No Vulnerabilities Found for quay.io/solo-io/ingress:1.8.36 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible v3.8.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2022-21698 github.com/prometheus/client_golang HIGH v1.8.0 1.11.1 https://avd.aquasec.com/nvd/cve-2022-21698
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220314234659-1baeb1ce4c0b https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2021-33194 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20210520170846-37e1c6afe023 https://avd.aquasec.com/nvd/cve-2021-33194
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

quay.io/solo-io/sds:1.8.36

No Vulnerabilities Found for quay.io/solo-io/sds:1.8.36 (alpine 3.13.8)

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2022-1996 github.com/emicklei/go-restful CRITICAL v2.11.1+incompatible v3.8.0 https://avd.aquasec.com/nvd/cve-2022-1996
CVE-2022-27191 golang.org/x/crypto HIGH v0.0.0-20210513164829-c07d793c2f9a 0.0.0-20220314234659-1baeb1ce4c0b https://avd.aquasec.com/nvd/cve-2022-27191
CVE-2021-33194 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20210520170846-37e1c6afe023 https://avd.aquasec.com/nvd/cve-2021-33194
CVE-2021-44716 golang.org/x/net HIGH v0.0.0-20210405180319-a5a99cb37ef4 0.0.0-20211209124913-491a49abca63 https://avd.aquasec.com/nvd/cve-2021-44716
CVE-2021-38561 golang.org/x/text HIGH v0.3.5 0.3.7 https://avd.aquasec.com/nvd/cve-2021-38561

soloio-bot avatar Jul 25 '22 17:07 soloio-bot