go-http-metrics icon indicating copy to clipboard operation
go-http-metrics copied to clipboard

Published 20 hours ago verified publisher icon slok

Security Vulnerability: gopkg.in/yaml.v3

Open sanjayjohn opened this issue 3 years ago • 0 comments

gopkg.in/yaml.v3 is a YAML support package for the Go language.

Affected versions of this package are vulnerable to NULL Pointer Dereference when parsing #\n-\n-\n0 via the parserc.go parser.

v0.10.0 is still on an outdated version: https://github.com/slok/go-http-metrics/blob/v0.10.0/go.mod#L59

sanjayjohn avatar Aug 10 '22 20:08 sanjayjohn