CVE-2024-24790

[dhiaayachi]

The latest temporalio/admin-tools, temporalio/server and temporalio/ui images are using a version of Go that is impacted by CVE-2024-24790.

Updating Go to 1.21.11 or newer would fix the issue.

[dhiaayachi]

Thanks for reporting this! The latest temporalio/admin-tools, temporalio/server and temporalio/ui images are using a version of Go that is impacted by CVE-2024-24790.

You can fix this by updating Go to 1.21.11 or newer.

[dhiaayachi]

Thanks for reporting this! This is a known issue. Please review the Temporal Security page for updates and mitigation recommendations.

[dhiaayachi]

Thanks for reporting this! It's a known issue and is tracked in the following Temporal issue: https://github.com/temporalio/temporal/issues/3984.

Until it is fixed, you can update to a newer version of Go that is not impacted by this vulnerability.