Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: bump github.com/hashicorp/go-getter-v1.7.5 #2162

Merged
merged 1 commit into from
Jul 1, 2024
Merged

chore: bump github.com/hashicorp/go-getter-v1.7.5 #2162

merged 1 commit into from
Jul 1, 2024

Conversation

chen-keinan
Copy link
Contributor 

ghcr.io/aquasecurity/trivy-operator:5d266cfb4c9b643446c2262160c5d5f04b95f651-amd64 (alpine 3.19.1)
==================================================================================================
Total: 0 (HIGH: 0, CRITICAL: 0)


usr/local/bin/trivy-operator (gobinary)
=======================================
Total: 1 (HIGH: 1, CRITICAL: 0)

┌────────────────────────────────┬───────────────┬──────────┬────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────┐
│            Library             │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │                          Title                           │
├────────────────────────────────┼───────────────┼──────────┼────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────┤
│ github.com/hashicorp/go-getter │ CVE-2024-6257 │ HIGH     │ fixed  │ v1.7.4            │ 1.7.5         │ hashicorp/go-getter: Arbitrary command execution through │
│                                │               │          │        │                   │               │ local git config file                                    │
│                                │               │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-6257                │
└────────────────────────────────┴───────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────┘

@chen-keinan chen-keinan changed the title bump/github.com/hashicorp/go-getter-1v.7.5 bump: github.com/hashicorp/go-getter-1v.7.5 Jun 29, 2024
@chen-keinan chen-keinan force-pushed the bump/hashicorp-1.4.5 branch 2 times, most recently from dc0af97 to e9a8adc Compare June 29, 2024 19:47
@chen-keinan chen-keinan changed the title bump: github.com/hashicorp/go-getter-1v.7.5 bump: github.com/hashicorp/go-getter-v1.7.5 Jun 29, 2024
@chen-keinan chen-keinan changed the title bump: github.com/hashicorp/go-getter-v1.7.5 chore: bump github.com/hashicorp/go-getter-v1.7.5 Jun 29, 2024
@github-actions github-actions bot added the misc label Jun 29, 2024
@chen-keinan
chore: bump github.com/hashicorp/go-getter-v1.7.5
b1a9a2e 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan chen-keinan force-pushed the bump/hashicorp-1.4.5 branch from e9a8adc to b1a9a2e Compare June 29, 2024 19:49
@chen-keinan chen-keinan merged commit 74a7d44 into aquasecurity:main Jul 1, 2024
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
misc
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@chen-keinan