databus23 / helm-diff

A helm plugin that shows a diff explaining what a helm upgrade would change
Apache License 2.0

Critical vulnerability in sqlite3 - CVE-2023-7104 #647

Closed anthonymag closed 1 month ago

anthonymag commented 2 months ago

The package 1.14.15 for sqlite3 contains a critical vulnerability: https://github.com/databus23/helm-diff/blob/master/go.sum#L286-L287

Details here: https://nvd.nist.gov/vuln/detail/cve-2023-7104

Please consider upgrading.

Thanks!

yxxhero commented 2 months ago

@anthonymag A PR is welcome. I will patch a new release for this CVE.

yxxhero commented 1 month ago

@anthonymag Please report this issue on the Helm GitHub repo. Thanks.