aptible / supercronic

Cron for containers
MIT License

CVE-2023-24535 #132

Closed zwartho closed 1 year ago

zwartho commented 1 year ago

CVE-2023-24535 states that a vulnerability has been found in google.golang.org/protobuf@v1.26.0, which is an indirect dependency of supercronic. This vulnerability is remediated in google.golang.org/protobuf@v1.29.1. I recommend upgrading the direct dependency github.com/prometheus/client_golang@v1.12.2 to a version that includes this upgraded library (i.e. >= v1.15.0).
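To check a module for the situation described in this issue, the output of `go mod graph` can be scanned for every requirement on google.golang.org/protobuf and compared against the fixed version v1.29.1. The following is an added example, not code from the issue or from supercronic; the graph is a constructed sample, `example.com/app` is a placeholder main module, and the function names are hypothetical.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed `go mod graph` sample; example.com/app is a placeholder main module.
const sampleGraph = `example.com/app github.com/prometheus/client_golang@v1.12.2
github.com/prometheus/client_golang@v1.12.2 github.com/golang/protobuf@v1.5.2
github.com/prometheus/client_golang@v1.12.2 google.golang.org/protobuf@v1.26.0
`

// less compares vMAJOR.MINOR.PATCH numerically; pre-release suffixes are ignored (assumption).
func less(a, b string) bool {
	var x, y [3]int
	fmt.Sscanf(a, "v%d.%d.%d", &x[0], &x[1], &x[2])
	fmt.Sscanf(b, "v%d.%d.%d", &y[0], &y[1], &y[2])
	for i := range x {
		if x[i] != y[i] {
			return x[i] < y[i]
		}
	}
	return false
}

// requirers lists modules asking for mod below fixed, and the highest version asked for anywhere.
func requirers(graph, mod, fixed string) (old []string, selected string) {
	for _, line := range strings.Split(strings.TrimSpace(graph), "\n") {
		f := strings.Fields(line)
		if len(f) != 2 || !strings.HasPrefix(f[1], mod+"@") {
			continue
		}
		ver := strings.TrimPrefix(f[1], mod+"@")
		if selected == "" || less(selected, ver) {
			selected = ver // minimal version selection builds the highest required version
		}
		if less(ver, fixed) {
			old = append(old, f[0]+" requires "+ver)
		}
	}
	return old, selected
}

func main() {
	old, sel := requirers(sampleGraph, "google.golang.org/protobuf", "v1.29.1")
	fmt.Println("selected:", sel, "below fix:", less(sel, "v1.29.1"), "requested by:", old)
}
```

A stale requirement edge alone does not mean the vulnerable version is built; what matters is the selected version, which `go list -m google.golang.org/protobuf` confirms for a real module.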