Uploaded image for project: 'Go Driver'
  1. Go Driver
  2. GODRIVER-2233

vulnerability alert for github.com/gobuffalo/packr/v2 dependency

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Blocker - P1 Blocker - P1
    • 1.8.0, 1.7.5
    • 1.7.4
    • None
    • None
    • Not Needed

    Description

      Users of  the go.mongodb.org/mongo-driver golang package are starting to see Snyk vulnerability alerts due to the github.com/gobuffalo/packr/v2 dependency.

      Snyk link: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOBUFFALOPACKRV2-1920670

       

      Per the Snyk vulnerability, version 2.3.2 of the packr/v2 package appears to be fixed.

      Please deliver a new version of the mongo-driver package that avoids this vulnerability.

      Attachments

        Activity

          People

            Unassigned Unassigned
            padamstx@gmail.com Phil Adams
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: