Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] [Security] High CVEs found in whereabouts 0.5.4 #292

Open
yuyangbj opened this issue Jan 12, 2023 · 0 comments
Open

[BUG] [Security] High CVEs found in whereabouts 0.5.4 #292

yuyangbj opened this issue Jan 12, 2023 · 0 comments

Comments

@yuyangbj
Copy link

Describe the bug

CVE-2022-27664 | High | 7.5 | whereabouts:v0.5.4 | ip-control-loop | golang.org/x/net
CVE-2022-32149 | High | 7.5 | whereabouts:v0.5.4| ip-control-loop | golang.org/x/text
CVE-2022-27664 | High | 7.5 | whereabouts:v0.5.4 | ip-reconciler | golang.org/x/net
CVE-2022-32149 | High | 7.5 | whereabouts:v0.5.4 | ip-reconciler | golang.org/x/text
CVE-2022-32149 | High | 7.5 | whereabouts:v0.5.4 | whereabouts | golang.org/x/net
CVE-2022-27664 | High | 7.5 | whereabouts:v0.5.4 | whereabouts | golang.org/x/text

Expected behavior
When do we fix them?

To Reproduce
Steps to reproduce the behavior:
1.
2.
3.

Environment:

  • Whereabouts version : N/A
  • Kubernetes version (use kubectl version): N/A
  • Network-attachment-definition: N/A
  • Whereabouts configuration (on the host): N/A
  • OS (e.g. from /etc/os-release): N/A
  • Kernel (e.g. uname -a): N/A
  • Others: N/A

Additional info / context
Add any other information / context about the problem here.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Bump golang.org/x/net to v0.5.0
1 participant
@yuyangbj