Skip to content

Bump Go to 1.24.10 to remove CVEs #215

New issue
New issue
Closed
Closed
Bump Go to 1.24.10 to remove CVEs#215
Assignees
lbroudoux
Labels
component/builddependenciesPull requests that update a dependency filekind/taskProject maintenance task
Milestone
1.0.2
@lbroudoux

Description

@lbroudoux
lbroudoux
opened on Nov 28, 2025
Severity Vulnerability CVSS score Current package version Fix version CVE location
critical CVE-2025-22871 9.1 pkg:golang/[email protected] 1.24.2 Layer 22
high CVE-2025-58188 7.5 pkg:golang/[email protected] 1.24.8 Layer 22
high CVE-2025-58187 7.5 pkg:golang/[email protected] 1.24.9 Layer 22
high CVE-2025-61723 7.5 pkg:golang/[email protected] 1.24.8 Layer 22
high CVE-2025-22874 7.5 pkg:golang/[email protected] 1.24.4 Layer 22
high CVE-2025-61725 7.5 pkg:golang/[email protected] 1.24.8 Layer 22

Metadata

Metadata

Assignees

Labels

component/builddependenciesPull requests that update a dependency filekind/taskProject maintenance task

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions