CVE-2023-45288 in golang.org/x/net #2393
Labels
kind/bug
Categorizes issue or PR as related to a bug.
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
Comments
k8s-ci-robot
added
the
needs-triage
|
This issue is currently awaiting triage. If kube-state-metrics contributors determine this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Closed
|
There is a need for triaging here due to the critical vulnerability in kube-state-metrics. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2023-45288 vulnerability found in golang.org/x/net version 0.23.0.
After running a trivi scan on kube-state-metrics v2.12.0 this CVE persisted.
This is fixed in #2385. Another release needs to be declared with this fixed.
The text was updated successfully, but these errors were encountered: