You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I can see gopkg.in/yaml.v2 is being used. Our BlackDuck scan shows gopkg.in/yaml.v2 version is EOLed. Hence can we update this component to latest v3 version.
The text was updated successfully, but these errors were encountered:
Hello, due to the current inclusion of gopkg.in/yaml.v2@v2.4.0, a vulnerability CVE-2022-28948 has been detected. As per compliance requirements, it is necessary to address this issue within the given deadline. I would like to inquire if there are any plans to upgrade to gopkg.in/yaml.v3 v3.0.1 in order to resolve this matter. Thank you for your attention.
I can see gopkg.in/yaml.v2 is being used. Our BlackDuck scan shows gopkg.in/yaml.v2 version is EOLed. Hence can we update this component to latest v3 version.
The text was updated successfully, but these errors were encountered: