Open xtremerui opened 1 year ago
Hi there, from our CVE scans we see there are bunch of Golang 1.20.4 std lib CVEs reported for binary vrf, for example some critical ones:
1.20.4
vrf
https://nvd.nist.gov/vuln/detail/CVE-2023-29405 https://nvd.nist.gov/vuln/detail/CVE-2023-29404 https://nvd.nist.gov/vuln/detail/CVE-2023-29402 https://nvd.nist.gov/vuln/detail/CVE-2023-39323
Wondering are those applicable? If yes, should we expect release with Golang bump? Thank you!
Hi there, from our CVE scans we see there are bunch of Golang
1.20.4std lib CVEs reported for binaryvrf, for example some critical ones:https://nvd.nist.gov/vuln/detail/CVE-2023-29405 https://nvd.nist.gov/vuln/detail/CVE-2023-29404 https://nvd.nist.gov/vuln/detail/CVE-2023-29402 https://nvd.nist.gov/vuln/detail/CVE-2023-39323
Wondering are those applicable? If yes, should we expect release with Golang bump? Thank you!