We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
goutils
v1.1.1
Notifications-engine is currently consuming v1.1.0 of the goutils package https://nvd.nist.gov/vuln/detail/CVE-2021-4238 has identified a critical vulnerability in this package concerning insecure randomness in the function CryptoRandomAlphaNumeric which is consumed by notifications-engine in a code path starting here: https://github.com/argoproj/notifications-engine/blob/master/pkg/templates/service.go#L20
v1.1.0
CryptoRandomAlphaNumeric
To address this vulnerability the goutils package should be bumped up to v1.1.1
The text was updated successfully, but these errors were encountered:
Successfully merging a pull request may close this issue.
Notifications-engine is currently consuming
v1.1.0
of thegoutils
packagehttps://nvd.nist.gov/vuln/detail/CVE-2021-4238 has identified a critical vulnerability in this package concerning insecure randomness in the function
CryptoRandomAlphaNumeric
which is consumed by notifications-engine in a code path starting here: https://github.com/argoproj/notifications-engine/blob/master/pkg/templates/service.go#L20To address this vulnerability the
goutils
package should be bumped up tov1.1.1
The text was updated successfully, but these errors were encountered: