Status
Impact
The CVE GHSA-w32m-9786-jp63 from the container-shim-runc binary cannot be fixed due to the dependency on https://github.com/k3s-io/containerd/blob/v1.7.23/go.mod, any newer tag also uses x/net@v0.23.0 which is also affected by this vulnerability. Upstream maintainers must implement remediation.
Status
Status
Fixed version
1.31.4.1-r2Status
Impact
This vulnerability requires an upgrade in a separate project 'https://github.com/k3s-io/containerd' on which the vulnerable dependency still uses an affected version.
Status