Blackduck is reporting security vulnerabilities for below components.
- go-etcd v3.3.27
- Go programming language
Need to know if these components are getting used in consul binary 1.18.0 and 1.20.0.
Below are the vulnerabilities reported for Go programming language.
CVE-2015-5740
CVE-2015-5739
CVE-2012-2666
CVE-2017-1000097
CVE-2016-3959
CVE-2017-1000098
CVE-2022-23772
CVE-2023-44487
CVE-2021-33194
CVE-2021-41772
CVE-2022-32148
CVE-2017-8932
CVE-2022-29526
CVE-2023-24532
Below are the vulnerabilities reported for go-etcd v3.3.27
CVE-2018-1099
CVE-2023-32082
Also can someone confirm if these vulnerabilities are present in open source version of consul which is consul 1.18.0 or 1.20.0?