Users of the go.mongodb.org/mongo-driver golang package are starting to see Snyk vulnerability alerts due to the github.com/gobuffalo/packr/v2 dependency.
Snyk link: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOBUFFALOPACKRV2-1920670
Per the Snyk vulnerability, version 2.3.2 of the packr/v2 package appears to be fixed.
Please deliver a new version of the mongo-driver package that avoids this vulnerability.
- is caused by
-
GODRIVER-2234 Remove dependencies added by operationgen
- Closed
- is related to
-
GODRIVER-2234 Remove dependencies added by operationgen
- Closed