cjimti
commented
2 years ago $ go mod why github.com/emicklei/go-restful
# github.com/emicklei/go-restful
(main module does not need package github.com/emicklei/go-restful)$ go mod graph | grep github.com/emicklei/go-restful
k8s.io/kube-openapi@v0.0.0-20211115234752-e816edb12b65 github.com/emicklei/go-restful@v0.0.0-20170410110728-ff4f55a20633
k8s.io/kube-openapi@v0.0.0-20210421082810-95288971da7e github.com/emicklei/go-restful@v0.0.0-20170410110728-ff4f55a20633
k8s.io/code-generator@v0.23.5 github.com/emicklei/go-restful@v2.9.5+incompatible@rshelby5 can you please explain how this CVE is affects kubefwd?
Trivy Scan CVE-2022-1996 for github.com/emicklei/go-restful/v3 v3.8.0. Needs to be updated https://github.com/txn2/kubefwd/blob/7f754299a7a237b3b254fae41dba33fd0f76f735/go.sum#L127 to https://github.com/kubernetes/kubernetes/pull/110518 v3.8.0