build(deps): bump golang.org/x/net from 0.54.0 to 0.55.0 (#1625) #731
Annotations
1 warning and 10 notices
|
Complete job
Node.js 20 is deprecated. The following actions target Node.js 20 but are being forced to run on Node.js 24: crazy-max/ghaction-container-scan@4d8e0acba576e46016cbd65b9ecfc604e85e3990, docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-9076 - LOW severity - openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption vulnerability in libcrypto3
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-7383 - LOW severity - openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing vulnerability in libcrypto3
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-45446 - LOW severity - openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes vulnerability in libcrypto3
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-42770 - LOW severity - openssl: FFC-DH Peer Validation Uses Attacker-Supplied q vulnerability in libcrypto3
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-42769 - LOW severity - openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate vulnerability in libcrypto3
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-42768 - LOW severity - openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() vulnerability in libcrypto3
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-42767 - LOW severity - openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption vulnerability in libcrypto3
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-42766 - LOW severity - openssl: Possible NULL Dereference in Password-Based CMS Decryption vulnerability in libcrypto3
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-34181 - LOW severity - openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys vulnerability in libcrypto3
|
|
Scan for vulnerabilities (amd64 only)
CVE-2026-34180 - LOW severity - openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. vulnerability in libcrypto3
|
background
wait
wait-all
cancel
parallel
Loading