goss icon indicating copy to clipboard operation
goss copied to clipboard
verified publisher icon goss-org

CVE on goss

Open ramzee opened this issue 1 year ago • 3 comments

Describe the bug 1 High CVE on goss

image

How To Reproduce Sysdig scan on docker build.

Expected Behavior Clear CVE report

Actual Behavior Reported CVE

Environment:

  • goss v0.4.9
  • goss-linux-amd64

ramzee avatar Dec 17 '24 19:12 ramzee

For the reference, it's CVE-2024-45337, further described in GO-2024-3321

mouchar avatar Jan 09 '25 12:01 mouchar

in case of CVE-2024-45337 maybe it is also worth to have a look on CVE-2025-22869

pimperator avatar Jun 16 '25 10:06 pimperator

Y'all are entirely enabled to send a PR updating dependencies.

ripienaar avatar Jun 16 '25 10:06 ripienaar