search

kubernetes-sigs / metrics-server

Scalable and efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines.
https://kubernetes.io/docs/tasks/debug-application-cluster/resource-metrics-pipeline/
Apache License 2.0
5.63k stars 1.85k forks source link

CVE-2024-24790 - Vulnerability reported for metrics-server 0.7.1 #1519

Open harangar opened 2 weeks ago

harangar commented 2 weeks ago

Hi,

CVE-2024-24790 - stdlib-go 1.21.5 - This vulnerability has been reported for metrics server version 0.7.1. Please update the golang version to 1.22.4 or higher.

/kind support

k8s-ci-robot commented 2 weeks ago

This issue is currently awaiting triage.

If metrics-server contributors determine this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
yangjunmyfm192085 commented 2 weeks ago

/assign