The library golang.org/x/crypto version 0.40.0 was detected in envconsul and is vulnerable to CVE-2025-47913, which exists in versions < 0.43.0.
The library github.com/go-jose/go-jose/v4 version 4.1.1 was detected in envconsul and is vulnerable to CVE-2026-34986, which exists in versions < 4.1.4.
The library
golang.org/x/cryptoversion0.40.0was detected in envconsul and is vulnerable toCVE-2025-47913, which exists in versions< 0.43.0.The library
github.com/go-jose/go-jose/v4version4.1.1was detected in envconsul and is vulnerable toCVE-2026-34986, which exists in versions< 4.1.4.