Closed abudan-wb closed 4 months ago
When installing GOSU 1.17 in a alpine image install gosu, vulnerabilities scan shows that GOSU brings CVE-2023-29403 from runtime golang dependency.
Vulnerability scan report:
https://nvd.nist.gov/vuln/detail/CVE-2023-29403
Please provide new update of GOSU.
Please (re-)read https://github.com/tianon/gosu/blob/052c5c2b186b84c4d9a41ed4f327490ef8d746fe/SECURITY.md
tianon
commented
4 months ago tianon
commented
4 months ago
When installing GOSU 1.17 in a alpine image install gosu, vulnerabilities scan shows that GOSU brings CVE-2023-29403 from runtime golang dependency.
Vulnerability scan report:
https://nvd.nist.gov/vuln/detail/CVE-2023-29403
Please provide new update of GOSU.