Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Snyk is reporting CVE-2023-7104 #2693

Closed
monwolf opened this issue May 14, 2024 · 4 comments
Closed

Snyk is reporting CVE-2023-7104 #2693

monwolf opened this issue May 14, 2024 · 4 comments
Assignees
@darccio
Labels
bug unintended behavior that has to be fixed

Comments

@monwolf
Copy link

monwolf commented May 14, 2024

Good afternoon,
We are using snyk to detect 3rd party vulns in our projects and we are getting a high vulnerability from your package.

gopkg.in/DataDog/[email protected]

image

To fix it, you just have to update from [email protected] to [email protected] 1.14.18

Best Regards,
@monwolf monwolf added the bug unintended behavior that has to be fixed label May 14, 2024
@github-actions github-actions bot added the needs-triage New issues that have not yet been triaged label May 14, 2024
@darccio darccio self-assigned this May 14, 2024
@darccio darccio removed the needs-triage New issues that have not yet been triaged label May 14, 2024
@monwolf
Copy link
Author

monwolf commented May 23, 2024

Hi @darccio,

have you had time to review this issue?

Regards,

@darccio
Copy link
Member

darccio commented May 23, 2024

@monwolf Yes, sorry, my reply slipped through the cracks. You can fix it in your side by importing v1.14.18 while we merge the update and release the next version.

darccio added a commit that referenced this issue May 28, 2024
@darccio
go.mod: upgrade github.com/mattn/go-sqlite3 up to v1.14.18 (#2693)
423225e
@darccio darccio mentioned this issue May 28, 2024
Merged
6 tasks
darccio added a commit that referenced this issue May 28, 2024
@darccio
go.mod: upgrade github.com/mattn/go-sqlite3 up to v1.14.18 (#2693) (#…
eab7297 
…2714)
@darccio
Copy link
Member

darccio commented Jun 3, 2024

Merged into main. During this week we'll start the next dd-trace-go release.

@darccio darccio closed this as completed Jun 3, 2024
@darccio
Copy link
Member

darccio commented Jun 13, 2024

@monwolf Released as v1.65.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@darccio darccio

Labels
bug unintended behavior that has to be fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@darccio @monwolf