fix(deps): update module github.com/imroc/req to v3 [security] #52

renovate · 2025-02-04T08:03:19Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/imroc/req	`v0.3.2` -> `v3.43.4`

GitHub Vulnerability Alerts

CVE-2024-45258

The req library is a widely used HTTP library in Go. However, it does not handle malformed URLs effectively. As a result, after parsing a malformed URL, the library may send HTTP requests to unexpected destinations, potentially leading to security vulnerabilities or unintended behavior in applications relying on this library for handling HTTP requests.

Despite developers potentially utilizing the net/url library to parse malformed URLs and implement blocklists to prevent HTTP requests to listed URLs, inconsistencies exist between how the net/url and req libraries parse URLs. These discrepancies can lead to the failure of defensive strategies, resulting in potential security threats such as Server-Side Request Forgery (SSRF) and Remote Code Execution (RCE).

Release Notes

imroc/req (github.com/imroc/req)

fix(deps): update module github.com/imroc/req to v3 [security] #52

Are you sure you want to change the base?

fix(deps): update module github.com/imroc/req to v3 [security] #52

Conversation

renovate bot commented Feb 4, 2025

GitHub Vulnerability Alerts

Release Notes

v3.43.4: Release

v3.43.3: Release

v3.43.2: Release

v3.43.1: Release

v3.43.0: Release

v3.42.3: Release

v3.42.2: Release

v3.42.1: Release

v3.42.0: Release

v3.41.12: Release

v3.41.11: Release

v3.41.10: Release

v3.41.9: Release

v3.41.8: Release

v3.41.7: Release

v3.41.6: Release

v3.41.5: Release

v3.41.4: Release

v3.41.3: Release

v3.41.2: Release

v3.41.1: Release

v3.41.0: Release

v3.40.1: Release

v3.40.0: Release

v3.39.0: Release

v3.38.0: Release

v3.37.2: Release

v3.37.1: Release

v3.37.0: Release

v3.36.2: Release

v3.36.1: Release

v3.36.0: Release

v3.35.2: Release

v3.35.1: Release

v3.35.0: Release

v3.34.0: Release

v3.33.2: Release

v3.33.1: Release

v3.33.0: Release

v3.32.3: Release

v3.32.2: Release

v3.32.1: Release

v3.32.0: Release

v3.31.2: Release

v3.31.1: Release

v3.31.0: Release

v3.30.0: Release

v3.29.0: Release

v3.28.0: Release

v3.27.0: Release

v3.26.7: Release

v3.26.6: Release

v3.26.5: Release

v3.26.4: Release

v3.26.3: Release

v3.26.2: Release

v3.26.1: Release

v3.26.0: Release

v3.25.0: Release

v3.24.1: Release

v3.24.0: Release

v3.23.0: Release

v3.22.1: Release

v3.22.0: Release

v3.21.1: Release

v3.21.0: Release

v3.20.1: Release

v3.20.0: Release

v3.19.2: Release

v3.19.1: Release

v3.19.0: Release

v3.18.0: Release

v3.17.7: Release

`v3.43.4`: Release

`v3.43.3`: Release

`v3.43.2`: Release

`v3.43.1`: Release

`v3.43.0`: Release

`v3.42.3`: Release

`v3.42.2`: Release

`v3.42.1`: Release

`v3.42.0`: Release

`v3.41.12`: Release

`v3.41.11`: Release

`v3.41.10`: Release

`v3.41.9`: Release

`v3.41.8`: Release

`v3.41.7`: Release

`v3.41.6`: Release

`v3.41.5`: Release

`v3.41.4`: Release

`v3.41.3`: Release

`v3.41.2`: Release

`v3.41.1`: Release

`v3.41.0`: Release

`v3.40.1`: Release

`v3.40.0`: Release

`v3.39.0`: Release

`v3.38.0`: Release

`v3.37.2`: Release

`v3.37.1`: Release

`v3.37.0`: Release

`v3.36.2`: Release

`v3.36.1`: Release

`v3.36.0`: Release

`v3.35.2`: Release

`v3.35.1`: Release

`v3.35.0`: Release

`v3.34.0`: Release

`v3.33.2`: Release

`v3.33.1`: Release

`v3.33.0`: Release

`v3.32.3`: Release

`v3.32.2`: Release

`v3.32.1`: Release

`v3.32.0`: Release

`v3.31.2`: Release

`v3.31.1`: Release

`v3.31.0`: Release

`v3.30.0`: Release

`v3.29.0`: Release

`v3.28.0`: Release

`v3.27.0`: Release

`v3.26.7`: Release

`v3.26.6`: Release

`v3.26.5`: Release

`v3.26.4`: Release

`v3.26.3`: Release

`v3.26.2`: Release

`v3.26.1`: Release

`v3.26.0`: Release

`v3.25.0`: Release

`v3.24.1`: Release

`v3.24.0`: Release

`v3.23.0`: Release

`v3.22.1`: Release

`v3.22.0`: Release

`v3.21.1`: Release

`v3.21.0`: Release

`v3.20.1`: Release

`v3.20.0`: Release

`v3.19.2`: Release

`v3.19.1`: Release

`v3.19.0`: Release

`v3.18.0`: Release

`v3.17.7`: Release

`v3.17.6`: Release

`v3.17.5`: Release

`v3.17.4`: Release

`v3.17.3`: Release

`v3.17.2`: Release

`v3.17.1`: Release

`v3.17.0`: Release