
fix: bump go version to the latest patch to fix high severity CVEs #416

Merged: elenz97 merged 1 commit into mittwald:master from SebastienSyd:pycats-master-1770882332 on Feb 12, 2026

@SebastienSyd

Contributor

Hi @elenz97, there are multiple CVEs that can be quickly fixed by just rebuilding the Docker image with the latest Go patch version.

See below the list of CVEs in the v2.12.2 image version.

They will all be gone after a rebuild with Go 1.24.13.

```
❯ grype quay.io/mittwald/kubernetes-replicator:v2.12.2
 ✔ Pulled image
 ✔ Loaded image            quay.io/mittwald/kubernetes-replicator:v2.12.2
 ✔ Parsed image            sha256:eb173a334f9f09e5b544b4dbdee908a569942737f69ebf535b2609692c37c897
 ✔ Cataloged contents      5795c935d856dde3b42e3bc596a4e9c9f1183d4bf9265832ce6f819fd322345c
   ├── ✔ Packages                        [45 packages]
   ├── ✔ Executables                     [1 executables]
   ├── ✔ File metadata                   [1 locations]
   └── ✔ File digests                    [1 files]
 ✔ Scanned for vulnerabilities     [8 vulnerability matches]
   ├── by severity: 1 critical, 4 high, 3 medium, 0 low, 0 negligible
NAME    INSTALLED  FIXED IN                      TYPE       VULNERABILITY   SEVERITY  EPSS          RISK
stdlib  go1.24.10  1.24.12, 1.25.6               go-module  CVE-2025-61726  High      < 0.1% (5th)  < 0.1
stdlib  go1.24.10  1.24.11, 1.25.5               go-module  CVE-2025-61729  High      < 0.1% (3rd)  < 0.1
stdlib  go1.24.10  1.24.12, 1.25.6               go-module  CVE-2025-61730  Medium    < 0.1% (5th)  < 0.1
stdlib  go1.24.10  1.24.13, 1.25.7, 1.26.0-rc.3  go-module  CVE-2025-68121  Critical  < 0.1% (2nd)  < 0.1
stdlib  go1.24.10  1.24.12, 1.25.6               go-module  CVE-2025-61728  Medium    < 0.1% (3rd)  < 0.1
stdlib  go1.24.10  1.24.12, 1.25.6               go-module  CVE-2025-61731  High      < 0.1% (0th)  < 0.1
stdlib  go1.24.10  1.24.11, 1.25.5               go-module  CVE-2025-61727  Medium    < 0.1% (1st)  < 0.1
stdlib  go1.24.10  1.24.13, 1.25.7               go-module  CVE-2025-61732  High      < 0.1% (0th)  < 0.1
```

Thank you
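
An added example (not part of the PR or the project's code): a short Python check, over the rows of the scan table above, of which Go 1.24.x patch release clears every finding and which findings an earlier patch would leave open. The function names are illustrative, and it assumes the rebuild stays on the installed 1.24 release line.

```python
import re

# Rows copied from the grype table in the comment above, trimmed to the
# first six columns (NAME, INSTALLED, FIXED IN, TYPE, VULNERABILITY, SEVERITY).
SCAN = """\
stdlib  go1.24.10  1.24.12, 1.25.6               go-module  CVE-2025-61726  High
stdlib  go1.24.10  1.24.11, 1.25.5               go-module  CVE-2025-61729  High
stdlib  go1.24.10  1.24.12, 1.25.6               go-module  CVE-2025-61730  Medium
stdlib  go1.24.10  1.24.13, 1.25.7, 1.26.0-rc.3  go-module  CVE-2025-68121  Critical
stdlib  go1.24.10  1.24.12, 1.25.6               go-module  CVE-2025-61728  Medium
stdlib  go1.24.10  1.24.12, 1.25.6               go-module  CVE-2025-61731  High
stdlib  go1.24.10  1.24.11, 1.25.5               go-module  CVE-2025-61727  Medium
stdlib  go1.24.10  1.24.13, 1.25.7               go-module  CVE-2025-61732  High
"""

def version(text):
    """'go1.24.10' or '1.26.0-rc.3' -> (major, minor, patch)."""
    return tuple(int(n) for n in re.search(r"(\d+)\.(\d+)\.(\d+)", text).groups())

def fixes_on_installed_line(scan):
    """Map each CVE to the lowest fixed version sharing the installed major.minor."""
    needed = {}
    for line in scan.strip().splitlines():
        _name, installed, fixed_in, _type, cve, _sev = re.split(r"\s{2,}", line.strip())
        line_of = version(installed)[:2]
        same_line = [v for v in map(version, fixed_in.split(",")) if v[:2] == line_of]
        # None means the finding has no fix on this release line (needs a minor bump).
        needed[cve] = min(same_line) if same_line else None
    return needed

def minimum_clean_version(scan):
    """Lowest patch release that clears every finding, or None if a minor bump is required."""
    needed = fixes_on_installed_line(scan).values()
    return None if None in needed else max(needed)

def still_open(scan, target):
    """CVEs that remain if the image is rebuilt with `target`."""
    return [cve for cve, need in fixes_on_installed_line(scan).items()
            if need is None or need > version(target)]

if __name__ == "__main__":
    print("rebuild with at least:", ".".join(map(str, minimum_clean_version(SCAN))))
    for candidate in ("1.24.12", "1.24.13"):
        print(candidate, "leaves open:", still_open(SCAN, candidate) or "nothing")
```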

@elenz97 elenz97 left a comment

Contributor


lgtm 👍 I will look into the broken builds. Thank you for having a look into this @SebastienSyd!

@elenz97 elenz97 merged commit 550c45f into mittwald:master Feb 12, 2026
2 of 6 checks passed