Closed jorander closed 1 year ago
Pact-Broker is already using the latest version of SuperCronic. I have opened an issue with the SuperCronic project asking them to upgrade their underlaying Go-lang-version. When that is resolved and a new version of SuperCronic is released we can do an upgrade and resolve this issue as well.
The issue I opened with the SuperCronic project has now been fixed in their latest version. An upgrade is provided in the attached pull request.
Pre issue-raising checklist
I have already (please mark the applicable with an
x
):Software versions
Expected behaviour
No CVE:s with severity High from used of SuperCronic
Actual behaviour
Several CVE:s with severity High from used of SuperCronic.
Steps to reproduce
Security scan provided by Jfrog Xray.
Relevent log files
N/A