go.mod: upgrade dependency golang.org/x/crypto to latest version to avoid vulnerability

Question

go.mod: upgrade dependency golang.org/x/crypto to latest version to avoid vulnerability

mswathi-tw opened this issue 3 years ago · 1 comments

We are using the latest version (github.com/mattn/go-ieproxy@v0.0.7 ) which internally uses the following library

github.com/mattn/go-ieproxy@v0.0.7 › golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2

This has introduced certain snyk vulnerability NULL Pointer Dereference and in order to solve this issue following library version has to be upgraded to golang.org/x/crypto@0.0.0-20201216223049-8b5274cf687f or more.

Can you please upgrade it.

mattn commented 3 years ago

Thank you