Snyk Security report issues. #438

catkins · 2022-05-11T04:51:46Z

Summary

Similar to #423 there are a few high severity issues showing up in Snyk from dependencies.

github.com/kataras/iris CVE-2021-23772 / Snyk
- fixed in github.com/kataras/iris@12.2.0-alpha8
github.com/kataras/iris/v12 CVE-2021-23772 / Snyk
- fixed in github.com/kataras/iris@12.2.0-alpha8
github.com/coreos/etcd/embed CVE-2018-1098 / Snyk
- fixed in github.com/coreos/etcd/embed@3.4.0
github.com/coreos/etcd/etcdmain CVE-2018-1098 / Snyk
- fixed in github.com/coreos/etcd/embed@3.4.0
github.com/coreos/etcd/etcdmain CVE-2020-15114 / Snyk
- fixed in github.com/coreos/etcd/etcdmain@3.3.23, @3.4.10
github.com/coreos/etcd/etcdserver CVE-2018-1098 / Snyk
- fixed in github.com/coreos/etcd/etcdserver@3.4.0
github.com/coreos/etcd/pkg/httputil CVE-2018-1098 / Snyk
- fixed in github.com/coreos/etcd/pkg/httputil@3.4.0

The text was updated successfully, but these errors were encountered:

adrianosela · 2022-10-04T00:28:12Z

Hey folks, can we prioritize security fixes?

catkins added the Type: Bug label May 11, 2022

catkins mentioned this issue May 12, 2022

bump kataras/iris/v12 to current beta release to resolve CVE-2021-23772 #439

Closed

ghouscht mentioned this issue Jun 16, 2022

Remove unnecessary dependency update while updating sentry SDK version #437

Closed

TheoBrigitte mentioned this issue Aug 9, 2022

Security vulnerabilities report #465

Closed

kamilogorek mentioned this issue Oct 4, 2022

deps: Update all dependencies, add go1.19, drop go1.16, prepare changelog #477

Merged

kamilogorek closed this as completed in #477 Oct 4, 2022