Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please update go to 1.21.9 or 1.22.2 for CVE GHSA-4v7x-pqxf-cx7m #5900

Open
1 task done
akoshok1 opened this issue Apr 22, 2024 · 1 comment
Open
1 task done

Please update go to 1.21.9 or 1.22.2 for CVE GHSA-4v7x-pqxf-cx7m #5900

akoshok1 opened this issue Apr 22, 2024 · 1 comment
Assignees
@randmonkey
Labels
bug Something isn't working
Milestone
KIC v3.1.x

Comments

@akoshok1
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

CVE GHSA-4v7x-pqxf-cx7m shows up in scans against 3.1.3

Expected Behavior

Ideally this CVE will not show up in scans.

Steps To Reproduce

Scan deck 3.1.3 with Anchore, TwistLock or the like.  Verify CVE GHSA-4v7x-pqxf-cx7m

Kong Ingress Controller version

3.1.3

Kubernetes version

Any version

Anything else?

No response
@akoshok1 akoshok1 added the bug Something isn't working label Apr 22, 2024
@randmonkey randmonkey added this to the KIC v3.1.x milestone Apr 23, 2024
@czeslavo
Copy link
Contributor

https://pkg.go.dev/vuln/GO-2024-2687 for context.

This was referenced Apr 25, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@randmonkey randmonkey

Labels
bug Something isn't working
Projects
None yet
Milestone
KIC v3.1.x
Development

No branches or pull requests
3 participants
@czeslavo @randmonkey @akoshok1