search

aws / aws-xray-sdk-go

AWS X-Ray SDK for the Go programming language.
Apache License 2.0
276 stars 118 forks source link

Fix vulnerability of golang.org/x/net@v0.18.0 CVE-2023-45288 CWE-770 #462

Closed carlokuiper closed 2 months ago

carlokuiper commented 3 months ago

There is a vulnerability in the imported package golang.org/x/net It was detected by Snyk and is categorized as a high severity issue.

Fix: Please upgrade golang.org/x/net package to the latest version to resolve this issue.

Introduced through github.com/aws/aws-xray-sdk-go/xray@1.8.3 Fixed in golang.org/x/net/http2@0.23.0

https://www.cve.org/CVERecord?id=CVE-2023-45288 https://cwe.mitre.org/data/definitions/770.html

jj22ee commented 2 months ago

Resolved in:

carlokuiper commented 2 months ago

@jj22ee Awesome nice work!