Skip to content

Update module golang.org/x/oauth2 to v0.27.0 [SECURITY] - autoclosed#29

Closed
renovate[bot] wants to merge 1 commit intomainfrom
renovate/go-golang.org-x-oauth2-vulnerability
Closed

Update module golang.org/x/oauth2 to v0.27.0 [SECURITY] - autoclosed#29
renovate[bot] wants to merge 1 commit intomainfrom
renovate/go-golang.org-x-oauth2-vulnerability

Conversation

@renovate
Copy link
Copy Markdown

@renovate renovate Bot commented Aug 4, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
golang.org/x/oauth2 v0.10.0v0.27.0 age confidence

GitHub Vulnerability Alerts

CVE-2025-22868

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the automated label Aug 4, 2025
@renovate
Copy link
Copy Markdown
Author

renovate Bot commented Aug 4, 2025

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.21 -> 1.23.0

@renovate renovate Bot added the automated label Aug 4, 2025
@renovate renovate Bot force-pushed the renovate/go-golang.org-x-oauth2-vulnerability branch from 47038c2 to 634554e Compare August 12, 2025 00:05
@renovate renovate Bot force-pushed the renovate/go-golang.org-x-oauth2-vulnerability branch from 634554e to 8b7117d Compare August 15, 2025 12:04
@renovate
Copy link
Copy Markdown
Author

renovate Bot commented Dec 16, 2025

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.21 -> 1.23.0

@renovate renovate Bot changed the title Update module golang.org/x/oauth2 to v0.27.0 [SECURITY] Update module golang.org/x/oauth2 to v0.27.0 [SECURITY] - autoclosed Apr 15, 2026
@renovate renovate Bot closed this Apr 15, 2026
@renovate renovate Bot deleted the renovate/go-golang.org-x-oauth2-vulnerability branch April 15, 2026 15:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ulucinar ulucinar Awaiting requested review from ulucinar ulucinar is a code owner

@sergenyalcin sergenyalcin Awaiting requested review from sergenyalcin sergenyalcin is a code owner

Assignees

No one assigned

Labels

automated

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants