Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update go 1.23.3 to fix vulnerabilities #165

Open
daniel-palmer-gu opened this issue Feb 13, 2025 · 1 comment · May be fixed by #166
Open

Update go 1.23.3 to fix vulnerabilities #165

daniel-palmer-gu opened this issue Feb 13, 2025 · 1 comment · May be fixed by #166

Comments

@daniel-palmer-gu
Copy link

The following vulnerabilities all look to be tied to go 1.23.3

They are all found within /function when scanning the container

Affected version: v0.9.1

id source severity package
CVE-2024-45336 Anchore CVE Medium stdlib-go1.23.3
CVE-2024-45336 Twistlock CVE Low net/http-1.23.3
CVE-2024-45341 Anchore CVE Medium stdlib-go1.23.3
CVE-2024-45341 Twistlock CVE Low crypto/x509-1.23.3
CVE-2025-22866 Anchore CVE Medium stdlib-go1.23.3
CVE-2025-22866 Twistlock CVE Low crypto/internal/nistec-1.23.3
@daniel-palmer-gu
Copy link
Author

Looks like the bot has a PR open, but needs some additional changes before it can be merged in #110

@daniel-palmer-gu daniel-palmer-gu linked a pull request Feb 13, 2025 that will close this issue
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

deps: update go 1.24.0 daniel-palmer-gu/function-go-templating
1 participant
@daniel-palmer-gu