Fix vulnerabilities: GO-2023-2102, GO-2023-1988 #45

alexandear · 2024-01-29T15:15:12Z

The PR fixes the following govulncheck issues:

There are 2 vulnerabilities in modules that you require that are
neither imported nor called. You may not need to take any action.
See https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck for details.

Vulnerability #1: GO-2023-2102
    HTTP/2 rapid reset can cause excessive work in net/http
  More info: https://pkg.go.dev/vuln/GO-2023-2102
  Module: golang.org/x/net
    Found in: golang.org/x/[email protected]
    Fixed in: golang.org/x/[email protected]

Vulnerability #2: GO-2023-1988
    Improper rendering of text nodes in golang.org/x/net/html
  More info: https://pkg.go.dev/vuln/GO-2023-1988
  Module: golang.org/x/net
    Found in: golang.org/x/[email protected]
    Fixed in: golang.org/x/[email protected]

Your code is affected by 2 vulnerabilities from 1 module.

Fix vulnerabilities: GO-2023-2102, GO-2023-1988

6dfabeb

alexandear force-pushed the fix-vulnerabilities branch from f8f72ee to 6dfabeb Compare January 29, 2024 15:16

alexandear merged commit 2e5a9e7 into main Jan 29, 2024
4 of 5 checks passed

alexandear deleted the fix-vulnerabilities branch January 29, 2024 15:17

alexandear mentioned this pull request Feb 11, 2024

Fix "cannot create empty commit: clean working tree" #49

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix vulnerabilities: GO-2023-2102, GO-2023-1988 #45

Fix vulnerabilities: GO-2023-2102, GO-2023-1988 #45

alexandear commented Jan 29, 2024 •

edited

Loading

Fix vulnerabilities: GO-2023-2102, GO-2023-1988 #45

Fix vulnerabilities: GO-2023-2102, GO-2023-1988 #45

Conversation

alexandear commented Jan 29, 2024 • edited Loading

alexandear commented Jan 29, 2024 •

edited

Loading