Uploaded image for project: 'Go Driver'
  1. Go Driver
  2. GODRIVER-2233

vulnerability alert for github.com/gobuffalo/packr/v2 dependency

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Blocker - P1 Blocker - P1
    • 1.8.0, 1.7.5
    • Affects Version/s: 1.7.4
    • Component/s: None
    • None
    • Not Needed

      Users of  the go.mongodb.org/mongo-driver golang package are starting to see Snyk vulnerability alerts due to the github.com/gobuffalo/packr/v2 dependency.

      Snyk link: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOBUFFALOPACKRV2-1920670

       

      Per the Snyk vulnerability, version 2.3.2 of the packr/v2 package appears to be fixed.

      Please deliver a new version of the mongo-driver package that avoids this vulnerability.

            Assignee:
            Unassigned Unassigned
            Reporter:
            padamstx@gmail.com Phil Adams
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: