Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2022-41723 in golang.org/x/net #2025

Closed
ivgenys opened this issue Mar 13, 2023 · 5 comments
Closed

CVE-2022-41723 in golang.org/x/net #2025

ivgenys opened this issue Mar 13, 2023 · 5 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.

Comments

@ivgenys
Copy link

ivgenys commented Mar 13, 2023

CVE-2022-41723 vulnerability found in golang.org/x/net version 0.4.0.
This is fixed in 0.7.0 according our scanners and to golang/go#57855.

  • kube-state-metrics version: 2.8.1
@ivgenys ivgenys added the kind/bug Categorizes issue or PR as related to a bug. label Mar 13, 2023
@k8s-ci-robot k8s-ci-robot added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Mar 13, 2023
@k8s-ci-robot
Copy link
Contributor

This issue is currently awaiting triage.

If kube-state-metrics contributors determine this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@CatherineF-dev
Copy link
Contributor

It has used net v0.8 in #2003, which will be included in next release.

@CatherineF-dev
Copy link
Contributor

Hi, it's released in v2.8.2 #2029

@dgrisonnet
Copy link
Member

Closing since it has been fixed.

/close

@k8s-ci-robot
Copy link
Contributor

@dgrisonnet: Closing this issue.

In response to this:

Closing since it has been fixed.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@k8s-ci-robot @dgrisonnet @ivgenys @CatherineF-dev