7.5
CVSS CVSS_V3
Status
Fixed version
3.0.18-r0Status
Impact
Kubescape currently relies on an affected version of 'go-tuf', which looks to have been depreciated in favor of 'go-tuf/v2'. There are significant changes between these releases, and attempting to upgrade results in build errors. Pending fix from upstream, which will involve removing their dependency on the depreciated version. Related information: https://github.com/github/advisory-database/pull/4893.
Status