reload – Critical vulnerability impacting configmap-reload

Hi,

We are an enterprise using configmap-reload and found there is a critical vulnerability impacting the latest version available, CVE-2021-38297.

It impacts the following versions of go which may be used by configmap-reload: go:1.15.7 go:1.15.1 go:1.13.6 go:1.16.7 go:1.17.1 go:1.16.1 go:1.16.5

It is fixed in fixed in 1.17.2, 1.16.9.

Is there a possibility to point us to a fixed version if it exists, or help create a new version that includes a fix for the image?

Thank you,

Read more here: Source link