gorcon/rcon-cli

Critical Vulnerability in the rcon-cli binary

thijsvanloef opened this issue · 4 comments

Hi! First of all, thank you for creating this package; I've included it by default in my Palworld Docker container. I did, however, find something worth noting.

The binary uses stdlib v1.19.3 which includes multiple Critical and High vulnerabilities.

Would it be possible to provide a release with the stdlib updated to a more recent version?

Thanks in advance

Since this is a standard Go library, the solution should be to simply upgrade Go in the build.yml workflow and rebuild the binary, if I'm not mistaken.

+1 on this.

Hey @outdead, is there any ETA known on when this CVE gets fixed?

Hey @outdead - Now it's 3 critical and 18 high CVEs in only that package.

Can you please share an ETA on when this will be fixed?


@thijsvanloef FYI
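
The thread turns on which Go toolchain, and therefore which stdlib, is embedded in the released binary. The following is an added example, not code from rcon-cli or from any commenter: it reads that version from a compiled binary with the standard `debug/buildinfo` package and compares it to a minimum you supply. The tool name `gocheck` and the function names are hypothetical, and no particular minimum version is implied by the page.

```go
package main

import (
	"debug/buildinfo"
	"fmt"
	"os"
)

// versionKey maps a release string such as "go1.19.3" to a sortable integer
// (1019003). A missing patch level counts as 0; suffixes such as "rc1" are ignored.
func versionKey(v string) (int, error) {
	var major, minor, patch int
	n, _ := fmt.Sscanf(v, "go%d.%d.%d", &major, &minor, &patch)
	if n < 2 {
		return 0, fmt.Errorf("not a release version: %q", v)
	}
	return major*1_000_000 + minor*1_000 + patch, nil
}

// olderThan reports whether toolchain version have predates floor.
func olderThan(have, floor string) (bool, error) {
	h, err := versionKey(have)
	if err != nil {
		return false, err
	}
	f, err := versionKey(floor)
	return h < f, err
}

// check reads the toolchain version embedded in the Go binary at path and
// reports whether it is older than floor (a minimum chosen by the caller).
func check(path, floor string) (string, bool, error) {
	info, err := buildinfo.ReadFile(path)
	if err != nil {
		return "", false, err
	}
	old, err := olderThan(info.GoVersion, floor)
	return info.GoVersion, old, err
}

func main() {
	if len(os.Args) != 3 {
		fmt.Fprintln(os.Stderr, "usage: gocheck <min-go-version> <binary>")
		os.Exit(2)
	}
	v, old, err := check(os.Args[2], os.Args[1])
	fmt.Printf("built with %s, older than %s: %v (error: %v)\n", v, os.Args[1], old, err)
}
```

Running it against a rebuilt release confirms that the workflow change actually reached the shipped artifact; `go version <binary>` prints the same embedded version.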