Skip to content

Critical Vulnerability found in spilo-17:4.0-p3 #1154

New issue
New issue
Open
Open
Critical Vulnerability found in spilo-17:4.0-p3#1154
@devadharpraveen29

Description

@devadharpraveen29
devadharpraveen29
opened on Sep 10, 2025

I could see a critical vulnerability reported for image version spilo-17:4.0-p3

ID : CVE-2024-45337
package : golang.org/x/crypto

Please let me know the mitigation or any planned updates to resolve this vulnerability

In addition there are 9 high vulnerabilities as well , below are the details

Package Vulnerability ID Severity
github.com/golang-jwt/jwt CVE-2025-30204 HIGH
github.com/golang-jwt/jwt/v4 CVE-2025-30204 HIGH
github.com/jackc/pgproto3/v2 GHSA-7jwh-3vrq-q3m8 HIGH
github.com/jackc/pgx CVE-2024-27289 HIGH
github.com/jackc/pgx CVE-2024-27304 HIGH
golang.org/x/crypto CVE-2025-22869 HIGH
golang.org/x/oauth2 CVE-2025-22868 HIGH
stdlib CVE-2025-47907 HIGH

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions