Bumping golang to latest version required due to multiple HIGH CVEsΒ #1327
Description
Vulnerability tools detect multiple HIGH vulnerabilities on golang-migrate v4.19.0
All the following CVEs affects binaries compiled using Go versions before go1.24.8 and from go1.25.0 before go1.25.2:
CVE-2025-47912
CVE-2025-58186
CVE-2025-61723
CVE-2025-58187
CVE-2025-61725
CVE-2025-58188
CVE-2025-61724
CVE-2025-58183
It would be very important to have asap a new version of golang-migrate compiled with the latest available Golang version.