We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security tooling showing high cve CVE-2023-44487 on the release manager image for the latest version.
CVE to not exist.
N/A
This will require upgrading Golang to a later patch version to then pull in a newer version of the net package.
uname -a
The text was updated successfully, but these errors were encountered:
Sorry, something went wrong.
/assign
Bumping golang.org/x/net to 0.17.0 should fix this CVE, see https://github.com/golang/net/releases/tag/v0.17.0 and GHSA-qppj-fm5r-hxr3
golang.org/x/net
YanzhaoLi
Successfully merging a pull request may close this issue.
What happened?
Security tooling showing high cve CVE-2023-44487 on the release manager image for the latest version.
What did you expect to happen?
CVE to not exist.
How can we reproduce it (as minimally and precisely as possible)?
N/A
Anything else we need to know (please consider providing level 4 or above logs of CPI)?
This will require upgrading Golang to a later patch version to then pull in a newer version of the net package.
Kubernetes version
N/A
Cloud provider or hardware configuration
N/A
OS version
N/A
Kernel (e.g.
uname -a
)N/A
Install tools
N/A
Container runtime (CRI) and and version (if applicable)
N/A
Related plugins (CNI, CSI, ...) and versions (if applicable)
N/A
Others
N/A
The text was updated successfully, but these errors were encountered: