Skip to content

Commit f72b063

Browse files
andyzhangxandyzhangx
authored
Merge pull request #2445 from kubernetes-sigs/CVE-2025-30204-1.32
[release-1.32] fix: CVE-2025-30204
2 parents a45fe39 + a4a2850 commit f72b063

File tree

8 files changed

+49
-18
lines changed

8 files changed

+49
-18
lines changed

.trivyignore

+1
Original file line numberDiff line numberDiff line change
@@ -2,3 +2,4 @@ CVE-2024-45336
22
CVE-2024-45341
33
CVE-2025-22866
44
CVE-2025-22870
5+
CVE-2025-30204

go.mod

+1-1
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ require (
9090
github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
9191
github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 // indirect
9292
github.com/gogo/protobuf v1.3.2 // indirect
93-
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
93+
github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
9494
github.com/google/btree v1.0.1 // indirect
9595
github.com/google/cadvisor v0.51.0 // indirect
9696
github.com/google/cel-go v0.22.0 // indirect

go.sum

+2-2
Original file line numberDiff line numberDiff line change
@@ -196,8 +196,8 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
196196
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
197197
github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
198198
github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
199-
github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
200-
github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
199+
github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
200+
github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
201201
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
202202
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
203203
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=

vendor/github.com/golang-jwt/jwt/v5/README.md

+8-8
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/golang-jwt/jwt/v5/SECURITY.md

+2-2
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/golang-jwt/jwt/v5/parser.go

+33-3
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/golang-jwt/jwt/v5/token.go

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/modules.txt

+1-1
Original file line numberDiff line numberDiff line change
@@ -229,7 +229,7 @@ github.com/gogo/protobuf/gogoproto
229229
github.com/gogo/protobuf/proto
230230
github.com/gogo/protobuf/protoc-gen-gogo/descriptor
231231
github.com/gogo/protobuf/sortkeys
232-
# github.com/golang-jwt/jwt/v5 v5.2.1
232+
# github.com/golang-jwt/jwt/v5 v5.2.2
233233
## explicit; go 1.18
234234
github.com/golang-jwt/jwt/v5
235235
# github.com/golang/protobuf v1.5.4

0 commit comments

Comments
 (0)