Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability CVE-2024-41110 #2788

Open
githubdevops24 opened this issue Aug 2, 2024 · 1 comment
Open

Vulnerability CVE-2024-41110 #2788

githubdevops24 opened this issue Aug 2, 2024 · 1 comment
Labels
stale

Comments

@githubdevops24
Copy link

githubdevops24 commented Aug 2, 2024
edited
Loading

Message: The vulnerability was found in the Github Security Advisory with vendor severity: Critical

The library github.com/docker/docker version 25.0.5+incompatible was detected in Golang binary located at /awscollector and is vulnerable to CVE-2024-41110, which exists in versions >= 24.0.0, < 26.1.4.

Is there any info on when [aws-otel-collector] github.com/docker/docker v25.0.5+incompatible will be updated to 25.0.6 ?
(https://github.com/aws-observability/aws-otel-collector/tree/311c612da46c22aa0e32d3787dd422bbaba8e83d)
/go.mod
Can you please release a new version to fix this high severity security issue?
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 6, 2024

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

@github-actions github-actions bot added the stale label Oct 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@githubdevops24