Closed Thor77 closed 1 day ago
Im also facing the same issue, my daily image build pipelines started failing today because helm-diff, I would prefer to get a new release instead of ignoring the CVE if possible. I appreciate if we could have a new release updating the stdlib dependency from 1.22.2 to 1.22.4
PR is welcome.
v3.9.9 released.
The currently released version is still vulnerable to CVE-2024-24790 (at least according to security scanners, probably not really because it's not using the vulnerable code). Are there plans to create a new release in the near future so security scanners are happy again as well?