Fix 14 CVEs (CVE-2026-25681, CVE-2026-27136, CVE-2026-33814, ...)#41
Fix 14 CVEs (CVE-2026-25681, CVE-2026-27136, CVE-2026-33814, ...)#41oadp-rebasebot-app[bot] wants to merge 1 commit into
Conversation
- CVE-2026-25681: golang.org/x/net v0.52.0 → 0.55.0 - CVE-2026-27136: golang.org/x/net v0.52.0 → 0.55.0 - CVE-2026-33814: golang.org/x/net v0.52.0 → 0.53.0 - CVE-2026-34986: github.com/go-jose/go-jose/v4 v4.1.3 → 4.1.4 - CVE-2026-39821: golang.org/x/net v0.52.0 → 0.55.0 - CVE-2026-39828: golang.org/x/crypto v0.49.0 → 0.52.0 - CVE-2026-39829: golang.org/x/crypto v0.49.0 → 0.52.0 - CVE-2026-39830: golang.org/x/crypto v0.49.0 → 0.52.0 - CVE-2026-39831: golang.org/x/crypto v0.49.0 → 0.52.0 - CVE-2026-39832: golang.org/x/crypto v0.49.0 → 0.52.0 - CVE-2026-39835: golang.org/x/crypto v0.49.0 → 0.52.0 - CVE-2026-42508: golang.org/x/crypto v0.49.0 → 0.52.0 - CVE-2026-46595: golang.org/x/crypto v0.49.0 → 0.52.0 - CVE-2026-46597: golang.org/x/crypto v0.49.0 → 0.52.0
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: oadp-rebasebot-app[bot] The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## oadp-1.5 #41 +/- ##
===========================================
Coverage ? 77.51%
===========================================
Files ? 527
Lines ? 30397
Branches ? 0
===========================================
Hits ? 23562
Misses ? 4820
Partials ? 2015 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
CVE Fixes
Automated scan found 14 fixable Go dependency CVE(s) in
migtools/kopiaon branchoadp-1.5.How this was fixed
go get <package>@<fixed_version>for each vulnerable dependencygo mod tidyto clean upGenerated by cve-scan pipeline