We are an enterprise using configmap-reload and found there is a critical vulnerability impacting the latest version available, CVE-2021-38297.
It impacts the following versions of go which may be used by configmap-reload: go:1.15.7 go:1.15.1 go:1.13.6 go:1.16.7 go:1.17.1 go:1.16.1 go:1.16.5
It is fixed in fixed in 1.17.2, 1.16.9.
Is there a possibility to point us to a fixed version if it exists, or help create a new version that includes a fix for the image?
Read more here: Source link