Closed markitosgv closed 1 month ago
This issue has been flagged as a MEDIUM security risk by Aqua/Trivy.
https://www.cve.org/CVERecord?id=CVE-2024-24791
Could you please provide an estimated release date for the fix?
Thanks and best regards!
Hello, the reported CVE does not impact Supercronic, as it does not implement httputil.ReverseProxy, nor does it create any HTTP client connections using any of the listed affected symbols.
The Go version of Supercronic will be updated in a future release, however.
https://pkg.go.dev/vuln/GO-2024-2963
Please upgrade GO to >=1.22.5 to handle this Thanks!