Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Snyk: gosnowflake golang.org/x/net v0.8.0 | Snyk ID - SNYK-GOLANG-GOLANGORGXNETHTML-5816820 #896

Closed
github-actions bot opened this issue Aug 24, 2023 · 3 comments
Closed

Snyk: gosnowflake golang.org/x/net v0.8.0 | Snyk ID - SNYK-GOLANG-GOLANGORGXNETHTML-5816820 #896

github-actions bot opened this issue Aug 24, 2023 · 3 comments
Assignees
@sfc-gh-triage-snowpark-ecosystem-dl
Labels
security vulnerability Security vulnerability detected by WhiteSource status-fixed_awaiting_release The issue has been fixed, its PR merged, and now awaiting the next release cycle of the connector.

Comments

@github-actions
Copy link

Title: Snyk: gosnowflake golang.org/x/net v0.8.0
Additional information on Snyk can be found here: https://snyk.io/org/snowflakedb-sca-scanning-public-repo/project/70187b64-3a98-4b6f-a945-48604ebb7832
Repo: gosnowflake
CVE: CVE-2023-3978
Package Type: golang
Package Name: golang.org/x/net
Package Version: v0.8.0
Snyk ID: SNYK-GOLANG-GOLANGORGXNETHTML-5816820
Vulnerability URL: http://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTML-5816820
Severity: medium
Introduced Date: 2023-08-05
Projects with Vulnerability: snowflakedb/gosnowflake:go.mod
Target File: go.mod
JIRA Ticket: https://snowflakecomputing.atlassian.net/browse/SNOW-899207
@sfc-gh-dszmolka sfc-gh-dszmolka self-assigned this Aug 25, 2023
@sfc-gh-dszmolka
Copy link
Contributor

we're going to take a look

@sfc-gh-dszmolka sfc-gh-dszmolka added the status-in_progress Issue is worked on by the driver team label Aug 25, 2023
@sfc-gh-dszmolka
Copy link
Contributor

should be also covered by the net upgrade at #972

@sfc-gh-dszmolka sfc-gh-dszmolka added security vulnerability Security vulnerability detected by WhiteSource status-fixed_awaiting_release The issue has been fixed, its PR merged, and now awaiting the next release cycle of the connector. and removed status-in_progress Issue is worked on by the driver team labels Nov 30, 2023
@sfc-gh-dszmolka
Copy link
Contributor

released with 1.7.1, closing

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sfc-gh-triage-snowpark-ecosystem-dl sfc-gh-triage-snowpark-ecosystem-dl

Labels
security vulnerability Security vulnerability detected by WhiteSource status-fixed_awaiting_release The issue has been fixed, its PR merged, and now awaiting the next release cycle of the connector.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sfc-gh-dszmolka @sfc-gh-triage-snowpark-ecosystem-dl