[🐸 Frogbot] Update version of golang.org/x/crypto to 0.31.0 #799

github-actions · 2024-12-13T00:34:27Z

📦 Vulnerable Dependencies

SEVERITY	CONTEXTUAL ANALYSIS	DIRECT DEPENDENCIES	IMPACTED DEPENDENCY	FIXED VERSIONS	CVES
High	Not Covered	github.com/jfrog/jfrog-cli-core/v2:v2.57.0 github.com/jfrog/jfrog-cli-security:v1.13.3 github.com/jfrog/jfrog-client-go:v1.48.2 golang.org/x/crypto:v0.29.0 golang.org/x/net:v0.31.0	golang.org/x/crypto v0.29.0	[0.31.0]	CVE-2024-45337

Description:
Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass.

Upgrade golang.org/x/crypto to 0.31.0

6aecb6d