New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Snyk: gosnowflake gopkg.in/yaml.v2 v2.2.2 | Snyk ID - SNYK-GOLANG-GOPKGINYAMLV2-3315326 #722

Closed

github-actions bot opened this issue Feb 9, 2023 · 1 comment

Assignees

Labels

security vulnerability

github-actions bot commented Feb 9, 2023

Title: Snyk: gosnowflake gopkg.in/yaml.v2 v2.2.2
Additional information on Snyk can be found here: https://snyk.io/org/snowflakedb-sca-scanning-public-repo/project/70187b64-3a98-4b6f-a945-48604ebb7832
Repo: gosnowflake
CVE: CVE-2022-3064
Package Type: golang
Package Name: gopkg.in/yaml.v2
Package Version: v2.2.2
Snyk ID: SNYK-GOLANG-GOPKGINYAMLV2-3315326
Vulnerability URL: http://security.snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV2-3315326
Severity: high
Introduced Date: 2023-02-09
Projects with Vulnerability: snowflakedb/gosnowflake:go.mod
Target File: go.mod
JIRA Ticket: https://snowflakecomputing.atlassian.net/browse/SNOW-741235

sfc-gh-sfaber added the security vulnerability label

sfc-gh-ext-simba-lb self-assigned this

sfc-gh-ext-simba-lb mentioned this issue

Replace vulnerable dependencies with latest versions #745

Merged

6 tasks

Contributor

sfc-gh-ext-simba-lb commented Mar 15, 2023

Fixed in #745

sfc-gh-ext-simba-lb closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment