🛡️ Security Vulnerability Report
Scan Summary:
- 🔴 2 High Severity
- ⚪ 0 Critical
📦 OS Packages
Target: Container Image
| Library | Severity | Vulnerability | Fixed Version | Status |
|---|---|---|---|---|
| zlib | 🔴 HIGH | CVE-2026-22184 | 1.3.2-r0 | Fixed |
Details:
- Installed Version: 1.3.1-r2
- Title: Arbitrary code execution via buffer overflow in `untgz` utility.
🐹 Go Binary
Target: bin/go-http-server
| Library | Severity | Vulnerability | Fixed Version | Status |
|---|---|---|---|---|
| stdlib | 🔴 HIGH | CVE-2026-25679 | 1.25.8, 1.26.1 | Fixed |
Details:
- Installed Version: v1.24.13
- Title: net/url: Incorrect parsing of IPv6 host literals in net/url.
🛠️ Remediation Steps
- OS Update: Update the base image or run a package manager update to pull zlib >= 1.3.2-r0.
- Go Update: Recompile the binary using Go version 1.25.8 or 1.26.1.