Fix for CVE-2022-1996 (Score: 9.1) #508
Labels
kind/bug
Categorizes issue or PR as related to a bug.
lifecycle/stale
Denotes an issue or PR has remained open with no activity and has become stale.
Hi,
our security scan tool find a possible very high security issue for the CVE-2022-1996.
How it this repository affected?
This affected the go-module emicklei/go-restful for versions before 3.8.0.
In this repository is version 2.15.0 used (https://github.com/kubernetes-sigs/prometheus-adapter/blob/master/go.sum#L158).
Solution
At the moment there exist already a fix but for the newest version 3.8.0:
Code for the fix: emicklei/go-restful@fd3c327
Issue: emicklei/go-restful#489
Can you please update your Go modules to the newest state to fix this issue?
Best regards
Sandra
The text was updated successfully, but these errors were encountered: