Remove some vulnerabilities from go modules

## Description:
There are quite some vulnerabilities in feast when I build docker image of k8s materialization engine. 
Seems to be all go related. Would appreciate alteast removing critical and high one's ASAP. Thanks

Severity | CVE ID | Package name & version
-- | -- | --
High | CVE-2021-3121 | github.com/gogo/protobuf v1.2.1
High | CVE-2022-24450 | github.com/nats-io/nats-server/v2 v2.1.2
High | CVE-2019-13126 | github.com/nats-io/nats-server/v2 v2.1.2
High | CVE-2020-28466 | github.com/nats-io/nats-server/v2 v2.1.2
High | CVE-2018-16886 | go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738
Medium | CVE-2020-15106 | go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738
Medium | CVE-2020-15112 | go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738
Medium | CVE-2022-41727 | golang.org/x/image v0.0.0-20220302094943-723b81ca9867
Medium | CVE-2023-29408 | golang.org/x/image v0.0.0-20220302094943-723b81ca9867
Medium | CVE-2023-29407 | golang.org/x/image v0.0.0-20220302094943-723b81ca9867
Critical | CVE-2020-26892 | github.com/nats-io/jwt v0.3.2
High | CVE-2021-3127 | github.com/nats-io/jwt v0.3.2
High | CVE-2020-26521 | github.com/nats-io/jwt v0.3.2
Medium | CVE-2022-2582 | github.com/aws/aws-sdk-go v1.27.0
Medium | CVE-2020-8911 | github.com/aws/aws-sdk-go v1.27.0
Low | CVE-2020-8912 | github.com/aws/aws-sdk-go v1.27.0
High | CVE-2020-26160 | github.com/dgrijalva/jwt-go v3.2.0+incompatible
Medium | CVE-2019-19794 | github.com/miekg/dns v1.0.14
High | CVE-2022-21698 | github.com/prometheus/client_golang v1.3.0
High | CVE-2020-27813 | github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c


## Possible Solution
Upgrade packages?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Remove some vulnerabilities from go modules #4506

Description:

Possible Solution

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Severity	CVE ID	Package name & version
High	CVE-2021-3121	github.com/gogo/protobuf v1.2.1
High	CVE-2022-24450	github.com/nats-io/nats-server/v2 v2.1.2
High	CVE-2019-13126	github.com/nats-io/nats-server/v2 v2.1.2
High	CVE-2020-28466	github.com/nats-io/nats-server/v2 v2.1.2
High	CVE-2018-16886	go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738
Medium	CVE-2020-15106	go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738
Medium	CVE-2020-15112	go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738
Medium	CVE-2022-41727	golang.org/x/image v0.0.0-20220302094943-723b81ca9867
Medium	CVE-2023-29408	golang.org/x/image v0.0.0-20220302094943-723b81ca9867
Medium	CVE-2023-29407	golang.org/x/image v0.0.0-20220302094943-723b81ca9867
Critical	CVE-2020-26892	github.com/nats-io/jwt v0.3.2
High	CVE-2021-3127	github.com/nats-io/jwt v0.3.2
High	CVE-2020-26521	github.com/nats-io/jwt v0.3.2
Medium	CVE-2022-2582	github.com/aws/aws-sdk-go v1.27.0
Medium	CVE-2020-8911	github.com/aws/aws-sdk-go v1.27.0
Low	CVE-2020-8912	github.com/aws/aws-sdk-go v1.27.0
High	CVE-2020-26160	github.com/dgrijalva/jwt-go v3.2.0+incompatible
Medium	CVE-2019-19794	github.com/miekg/dns v1.0.14
High	CVE-2022-21698	github.com/prometheus/client_golang v1.3.0
High	CVE-2020-27813	github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c

Remove some vulnerabilities from go modules #4506

Description

Description:

Possible Solution

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions