Skip to content

Security Alert: 1.20.9 #11119

New issue
New issue
Open
Open
Security Alert: 1.20.9#11119
Assignees
davidjumaniandy-fong
Labels
trivyvulnerability
@soloio-bot

Description

@soloio-bot
soloio-bot
opened on Feb 2, 2026

quay.io/solo-io/access-logger:1.20.9

Vulnerabilities Listed for quay.io/solo-io/access-logger:1.20.9 (alpine 3.21.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-15467 libcrypto3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421
CVE-2025-15467 libssl3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421

Vulnerabilities Listed for usr/local/bin/access-logger

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-68121 stdlib CRITICAL v1.24.11 1.24.13, 1.25.7, 1.26.0-rc.3 https://avd.aquasec.com/nvd/cve-2025-68121
CVE-2025-61726 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61726
CVE-2025-61728 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61728
CVE-2025-61730 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61730

quay.io/solo-io/certgen:1.20.9

Vulnerabilities Listed for quay.io/solo-io/certgen:1.20.9 (alpine 3.21.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-15467 libcrypto3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421
CVE-2025-15467 libssl3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421

Vulnerabilities Listed for usr/local/bin/certgen

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-68121 stdlib CRITICAL v1.24.11 1.24.13, 1.25.7, 1.26.0-rc.3 https://avd.aquasec.com/nvd/cve-2025-68121
CVE-2025-61726 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61726
CVE-2025-61728 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61728
CVE-2025-61730 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61730

quay.io/solo-io/discovery:1.20.9

Vulnerabilities Listed for quay.io/solo-io/discovery:1.20.9 (alpine 3.21.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-15467 libcrypto3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421
CVE-2025-15467 libssl3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421

Vulnerabilities Listed for usr/local/bin/discovery

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-68121 stdlib CRITICAL v1.24.11 1.24.13, 1.25.7, 1.26.0-rc.3 https://avd.aquasec.com/nvd/cve-2025-68121
CVE-2025-61726 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61726
CVE-2025-61728 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61728
CVE-2025-61730 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61730

quay.io/solo-io/gloo:1.20.9

No Vulnerabilities Found for quay.io/solo-io/gloo:1.20.9 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/gloo

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-68121 stdlib CRITICAL v1.24.11 1.24.13, 1.25.7, 1.26.0-rc.3 https://avd.aquasec.com/nvd/cve-2025-68121
CVE-2025-61726 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61726
CVE-2025-61728 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61728
CVE-2025-61730 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61730

quay.io/solo-io/gloo-envoy-wrapper:1.20.9

No Vulnerabilities Found for quay.io/solo-io/gloo-envoy-wrapper:1.20.9 (ubuntu 24.04)

Vulnerabilities Listed for usr/local/bin/envoyinit

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-68121 stdlib CRITICAL v1.24.11 1.24.13, 1.25.7, 1.26.0-rc.3 https://avd.aquasec.com/nvd/cve-2025-68121
CVE-2025-61726 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61726
CVE-2025-61728 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61728
CVE-2025-61730 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61730

quay.io/solo-io/ingress:1.20.9

Vulnerabilities Listed for quay.io/solo-io/ingress:1.20.9 (alpine 3.21.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-15467 libcrypto3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421
CVE-2025-15467 libssl3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421

Vulnerabilities Listed for usr/local/bin/ingress

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-68121 stdlib CRITICAL v1.24.11 1.24.13, 1.25.7, 1.26.0-rc.3 https://avd.aquasec.com/nvd/cve-2025-68121
CVE-2025-61726 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61726
CVE-2025-61728 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61728
CVE-2025-61730 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61730

quay.io/solo-io/kubectl:1.20.9

Vulnerabilities Listed for quay.io/solo-io/kubectl:1.20.9 (alpine 3.21.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-15467 libcrypto3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421
CVE-2025-15467 libssl3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421

Vulnerabilities Listed for usr/local/bin/kubectl

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-68121 stdlib CRITICAL v1.24.11 1.24.13, 1.25.7, 1.26.0-rc.3 https://avd.aquasec.com/nvd/cve-2025-68121
CVE-2025-61726 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61726
CVE-2025-61728 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61728
CVE-2025-61730 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61730

quay.io/solo-io/sds:1.20.9

Vulnerabilities Listed for quay.io/solo-io/sds:1.20.9 (alpine 3.21.5)

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-15467 libcrypto3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libcrypto3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421
CVE-2025-15467 libssl3 CRITICAL 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-15467
CVE-2025-69419 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69419
CVE-2025-69421 libssl3 HIGH 3.3.5-r0 3.3.6-r0 https://avd.aquasec.com/nvd/cve-2025-69421

Vulnerabilities Listed for usr/local/bin/sds

Vulnerability ID Package Severity Installed Version Fixed Version Reference
CVE-2025-68121 stdlib CRITICAL v1.24.11 1.24.13, 1.25.7, 1.26.0-rc.3 https://avd.aquasec.com/nvd/cve-2025-68121
CVE-2025-61726 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61726
CVE-2025-61728 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61728
CVE-2025-61730 stdlib HIGH v1.24.11 1.24.12, 1.25.6 https://avd.aquasec.com/nvd/cve-2025-61730

Metadata

Metadata

Assignees

Labels

trivyvulnerability

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions