Critical Vulnerability CVE-2024-41110  in v26.0.1 of docker included in k9s

<img src="https://raw.githubusercontent.com/derailed/k9s/master/assets/k9s_err.png" align="right" width="100" height="auto"/>

We are building k9s into a [go-dev-container](https://github.com/sarg3nt/go-dev-container) and trivy security scanning is detecting the above mentioned critical vulnerability in k9s.  See screenshot below.

A few thoughts.
1. You have a lot of PRs from dependabot waiting to be merged.  Any reason why?
2. Recommend turning on trivy scanning. 
3. Recommend running your repo through https://app.stepsecurity.io/securerepo  This tool is recommended by the [ossf scorecard](https://github.com/ossf/scorecard-action#installation).  Another security tool you can look into if you like.  

Also CVE-2024-6257 , see second screenshot below.

![image](https://github.com/user-attachments/assets/24ce66ec-2578-4a78-9ba7-a0d631d220fe)
Also
![image](https://github.com/user-attachments/assets/4c013bd8-0184-4c4d-9b24-9eac35287b1e)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Critical Vulnerability CVE-2024-41110 in v26.0.1 of docker included in k9s #2938

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

Critical Vulnerability CVE-2024-41110 in v26.0.1 of docker included in k9s #2938

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions