There are several CVEs in golang binaries: pt-k8s-debug-collector, pt-mongodb-summary ,pt-mongodb-query-digest and pt-mongodb-index-check
Environment
None
Activity
Show:
Sveta Smirnova December 28, 2022 at 10:36 PM
Hi
thank you for the report. But Go tools are not tracked in Github for Percona Toolkit. They need to be built with Go 1.19.1 or higher in order to avoid vulnerability in golang.org/x/net. Module version in go.mod and go.sum is correct.
There are several CVEs in golang binaries:
pt-k8s-debug-collector, pt-mongodb-summary ,pt-mongodb-query-digest and pt-mongodb-index-check