Open
Description
Describe the bug
Summary from Trivy scan:
Vulnerability information:
+--------------------------------+-----------------------------+----------+-------------------+---------------+----------------------------------------------------------------------------+--------------------------------------------+
| Type | Library | Severity | Installed Version | Fixed Version | Summary | More Details |
+--------------------------------+-----------------------------+----------+-------------------+---------------+----------------------------------------------------------------------------+--------------------------------------------+
| bin/argo-events (gobinary) | golang.org/x/crypto (None) | CRITICAL | v0.29.0 | 0.31.0 | Applications and libraries which misuse the ServerConfig.PublicKeyCall ... | https://avd.aquasec.com/nvd/cve-2024-45337 |
| usr/local/bin/argo (gobinary) | golang.org/x/crypto (None) | CRITICAL | v0.24.0 | 0.31.0 | Applications and libraries which misuse the ServerConfig.PublicKeyCall ... | https://avd.aquasec.com/nvd/cve-2024-45337 |
+--------------------------------+-----------------------------+----------+-------------------+---------------+----------------------------------------------------------------------------+--------------------------------------------+
To Reproduce
N/A
Expected behavior
No CRITICAL vulnerabilities found,
Screenshots
N/A
Environment (please complete the following information):
- Argo Events: v1.9.3
Additional context
N/A
Message from the maintainers:
If you wish to see this enhancement implemented please add a 👍 reaction to this issue! We often sort issues this way to know what to prioritize.
Activity