[Bug] Critical and High vulnerability - CVE-2024-45337, CVE-2024-45338 #1614
Labels
kind/support
Categorizes issue or PR as a support question.
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
Comments
k8s-ci-robot
added
the
kind/support
|
This issue is currently awaiting triage. If metrics-server contributors determine this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
k8s-ci-robot
added
the
needs-triage
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The latest version 0.7.2 contains the following vulnerabilities:
CVE-2024-45337 (Critical)
CVE-2024-45338 (High)
Vulnerability details: https://nvd.nist.gov/vuln/detail/CVE-2024-45337
Vulnerability details: https://nvd.nist.gov/vuln/detail/CVE-2024-45338
Fix:
CVE-2024-45337 | golang.org/x/crypto | Critical | - | 0.31.0
CVE-2024-45338 | golang.org/x/net | High | - | 0.33.0
/kind support
The text was updated successfully, but these errors were encountered: