Skip to content

Commit 64608a7

Browse files
plural-copilot[bot]michaeljguarino
plural-copilot[bot]
and
michaeljguarino
authored
fix(deps): upgrade github.com/docker/cli to v29.2.0 to fix CVE (#710)
Upgrades github.com/docker/cli from v28.1.1+incompatible to v29.2.0+incompatible to address CVE: Docker CLI Plugins Uncontrolled Search Path Element vulnerability that leads to Local Privilege Escalation on Windows. This fix addresses the vulnerability in docker image ghcr.io/pluralsh/console:sha-0c07f81. Co-authored-by: Michael Guarino <mjg@plural.sh>
1 parent 53cf279 commit 64608a7

2 files changed

Lines changed: 3 additions & 3 deletions

File tree

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -124,7 +124,7 @@ require (
124124
github.com/containerd/log v0.1.0 // indirect
125125
github.com/containerd/platforms v0.2.1 // indirect
126126
github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect
127-
github.com/docker/cli v28.1.1+incompatible // indirect
127+
github.com/docker/cli v29.2.0+incompatible // indirect
128128
github.com/docker/distribution v2.8.3+incompatible // indirect
129129
github.com/docker/docker-credential-helpers v0.9.5 // indirect
130130
github.com/docker/go-events v0.0.0-20250808211157-605354379745 // indirect

go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -286,8 +286,8 @@ github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5Qvfr
286286
github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
287287
github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI=
288288
github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
289-
github.com/docker/cli v28.1.1+incompatible h1:eyUemzeI45DY7eDPuwUcmDyDj1pM98oD5MdSpiItp8k=
290-
github.com/docker/cli v28.1.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
289+
github.com/docker/cli v29.2.0+incompatible h1:9oBd9+YM7rxjZLfyMGxjraKBKE4/nVyvVfN4qNl9XRM=
290+
github.com/docker/cli v29.2.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
291291
github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
292292
github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
293293
github.com/docker/docker-credential-helpers v0.9.5 h1:EFNN8DHvaiK8zVqFA2DT6BjXE0GzfLOZ38ggPTKePkY=

0 commit comments

Comments
 (0)