You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While scanning by using twist locks , we have observed few go package vulnerabilities for the alert manger
prometheus/alertmanager version : v0.24.0
Description: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
Alert manger is using 1.17 version to compile the binary and this have the following CVE CVE-2022-27664
Do you have any plan to release alertmanager version with the latest go package version of 1.19.1?
The text was updated successfully, but these errors were encountered:
While scanning by using twist locks , we have observed few go package vulnerabilities for the alert manger
prometheus/alertmanager version : v0.24.0
Description: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
Alert manger is using 1.17 version to compile the binary and this have the following CVE
CVE-2022-27664
Do you have any plan to release alertmanager version with the latest go package version of 1.19.1?
The text was updated successfully, but these errors were encountered: