The following vulnerabilities were recently fixed in sops dependencies:
| NAME |
INSTALLED |
FIXED IN |
VULNERABILITY |
SEVERITY |
| golang.org/x/crypto |
v0.51.0 |
0.52.0 |
GO-2026-5006 |
Critical |
| golang.org/x/crypto |
v0.51.0 |
0.52.0 |
GO-2026-5023 |
Critical |
| golang.org/x/crypto |
v0.51.0 |
0.52.0 |
GO-2026-5017 |
Critical |
| golang.org/x/crypto |
v0.51.0 |
0.52.0 |
GO-2026-5020 |
Critical |
| golang.org/x/net |
v0.54.0 |
0.55.0 |
GO-2026-5026 |
Critical |
| golang.org/x/crypto |
v0.51.0 |
0.52.0 |
GO-2026-5005 |
Critical |
| golang.org/x/crypto |
v0.51.0 |
0.52.0 |
GO-2026-5021 |
Critical |
| golang.org/x/crypto |
v0.51.0 |
0.52.0 |
GO-2026-5019 |
Critical |
The sops codebase already includes the fixed version dependencies: 22428ff
Is it possible to release a new sops version to get these fixes?
The following vulnerabilities were recently fixed in sops dependencies:
The sops codebase already includes the fixed version dependencies: 22428ff
Is it possible to release a new sops version to get these fixes?