crossplane-contrib/provider-kubernetes

CVE-2024-24786 - GHSA-8r3f-844c-mc37

AbrohamLincoln opened this issue · 1 comments

A CVE with a moderate severity was published.
GHSA-8r3f-844c-mc37

The protobuf dependency needs to be updated to v1.33.0 or newer to fix this CVE.

https://github.com/crossplane-contrib/provider-kubernetes/blob/main/go.mod#L93

Closing as resolved since we are using v1.33.0 on latest main now:

google.golang.org/protobuf v1.33.0 // indirect