Vulnerabilities in go packages

jpillora / chisel

A fast TCP/UDP tunnel over HTTP

MIT License

12.36k stars 1.32k forks source link

Vulnerabilities in go packages #423

Open markshep opened 1 year ago

markshep commented 1 year ago

I'm making my own Docker image using the pre-built chisel 1.8.1 binaries from the releases page and Docker is telling me that four of the go packages contain vulnerabilities:

Screenshot 2023-04-19 at 16 56 26

Are these safe to use or should I be looking to build from source using fixed versions of the go packages?

jpillora commented 10 months ago

Can you plz check the new v1.9.0 image?