CVEs detected in Golang stdlib for latest image

The following CVEs were found, via `trivy`, in Golang's stdlib from the latest image on Docker hub.

<h3>Target <code>serve</code></h3>
<h4>Vulnerabilities (4)</h4>
<table>
    <tr>
        <th>Package</th>
        <th>ID</th>
        <th>Severity</th>
        <th>Installed Version</th>
        <th>Fixed Version</th>
    </tr>
    <tr>
        <td><code>stdlib</code></td>
        <td>CVE-2024-34156</td>
        <td>HIGH</td>
        <td>1.22.4</td>
        <td>1.22.7, 1.23.1</td>
    </tr>
    <tr>
        <td><code>stdlib</code></td>
        <td>CVE-2024-24791</td>
        <td>MEDIUM</td>
        <td>1.22.4</td>
        <td>1.21.12, 1.22.5</td>
    </tr>
    <tr>
        <td><code>stdlib</code></td>
        <td>CVE-2024-34155</td>
        <td>MEDIUM</td>
        <td>1.22.4</td>
        <td>1.22.7, 1.23.1</td>
    </tr>
    <tr>
        <td><code>stdlib</code></td>
        <td>CVE-2024-34158</td>
        <td>MEDIUM</td>
        <td>1.22.4</td>
        <td>1.22.7, 1.23.1</td>
    </tr>
</table>
<h4>No Misconfigurations found</h4>

It should be sufficient to bump the Golang version to 1.22.7 to resolve this

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

CVEs detected in Golang stdlib for latest image #111

Target `serve`

Vulnerabilities (4)

No Misconfigurations found

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Package	ID	Severity	Installed Version	Fixed Version
`stdlib`	CVE-2024-34156	HIGH	1.22.4	1.22.7, 1.23.1
`stdlib`	CVE-2024-24791	MEDIUM	1.22.4	1.21.12, 1.22.5
`stdlib`	CVE-2024-34155	MEDIUM	1.22.4	1.22.7, 1.23.1
`stdlib`	CVE-2024-34158	MEDIUM	1.22.4	1.22.7, 1.23.1

Uh oh!

CVEs detected in Golang stdlib for latest image #111

Description

Target serve

Vulnerabilities (4)

No Misconfigurations found

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions

Target `serve`