Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE Vulnerability CVE-2023-3978 in dependency #135

Closed
luzemail opened this issue Oct 5, 2023 · 1 comment · Fixed by #137
Closed

CVE Vulnerability CVE-2023-3978 in dependency #135

luzemail opened this issue Oct 5, 2023 · 1 comment · Fixed by #137
Assignees
@samcoe
Labels
enhancement New feature or request

Comments

@luzemail
Copy link

luzemail commented Oct 5, 2023

In go.mod i see this dependency
golang.org/x/net v0.7.0 // indirect

this version is affected by CVE-2023-3978

I believe that updating golang.org/x/text v0.7.0 should solve this
@samcoe
Copy link
Contributor

samcoe commented Oct 5, 2023

@luzemail Thanks for opening this, I am working to resolve it for our next release 👍

@samcoe samcoe self-assigned this Oct 5, 2023
@samcoe samcoe mentioned this issue Oct 6, 2023
Merged
@samcoe samcoe added the enhancement New feature or request label Oct 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@samcoe samcoe

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update dependencies to address security vulnerability cli/go-gh
2 participants
@luzemail @samcoe