Open nnovaeshc opened 8 months ago
CircleCI CLI Version: v0.1.29936
Operating System: Linux
CircleCI CLI seems to carry the IN1-GOLANG-GITHUBCOMCLOUDFLARECIRCLPKEKYBERINTERNALCOMMON-6150686 - github.com/cloudflare/circl due to dependency on circl 1.3.6. It seems that updating the dependency to 1.3.7 closes the vulnerability.
The same vulnerability is also reported as GHSA-9763-4f94-gfch
Meta:
CircleCI CLI Version: v0.1.29936
Operating System: Linux
Additional Information:
CircleCI CLI seems to carry the IN1-GOLANG-GITHUBCOMCLOUDFLARECIRCLPKEKYBERINTERNALCOMMON-6150686 - github.com/cloudflare/circl due to dependency on circl 1.3.6. It seems that updating the dependency to 1.3.7 closes the vulnerability.
The same vulnerability is also reported as GHSA-9763-4f94-gfch