| Library | Vulnerability | Severity | Status | Installed Version | Fixed Version | Title | |---------------------------|----------------|-----------|--------|-------------------|---------------|--------------------------------------------------------------------------------------------| | github.com/golang-jwt/jwt/v4 | CVE-2024-51744 | LOW | fixed | v4.4.2 | 4.5.1 | golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially... [Details](https://avd.aquasec.com/nvd/cve-2024-51744) | | golang.org/x/crypto | CVE-2024-45337 | CRITICAL | | v0.27.0 | 0.31.0 | golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto. [Details](https://avd.aquasec.com/nvd/cve-2024-45337) | | golang.org/x/net | CVE-2024-45338 | HIGH | | v0.29.0 | 0.33.0 | golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html. [Details](https://avd.aquasec.com/nvd/cve-2024-45338) |
