You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@Rizwana777 why is this closed ? i still see the vulnerable version
I have raised PR against release branch and the release branch have some problem in packages and I couldn't push my changes to the closed PR above, and also as per the comments on other PRs , we need to raise a PR against release branch which will be cherry picked to release brach, I have raised a new PR against branch
Summary
The outdated versions of
go-retryablehttp
are vulnerable to CVE-2024-6104, which has been categorised as Moderate.Motivation
The issue affects the url which might write sensitive information to log file
Proposal
The recommended solution is to upgrade the version of
go-retryablehttp
to0.7.7
for versionsv1.6.0
,master
branches.The text was updated successfully, but these errors were encountered: