Closed andyasp closed 1 year ago
Since #25 went in I figured another release may be cut soon, so I did another quick scan and cleanup.
Original scan:
go.mod (gomod) Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 0, CRITICAL: 0) ┌──────────────────────────────────┬────────────────┬──────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │ ├──────────────────────────────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤ │ github.com/containerd/containerd │ CVE-2022-23471 │ MEDIUM │ 1.6.8 │ 1.5.16, 1.6.12 │ containerd is an open source container runtime. A bug was │ │ │ │ │ │ │ found in... │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-23471 │ ├──────────────────────────────────┼────────────────┤ ├───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤ │ golang.org/x/net │ CVE-2022-41717 │ │ 0.1.0 │ 0.4.0 │ An attacker can cause excessive memory growth in a Go server │ │ │ │ │ │ │ accepting... │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-41717 │ └──────────────────────────────────┴────────────────┴──────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘
Since #25 went in I figured another release may be cut soon, so I did another quick scan and cleanup.
Original scan: