go-resty / resty

Simple HTTP and REST client library for Go

CVE-2023-45286: HTTP request body disclosure

tommed opened this issue · comments

commented

You have an open security issue: GO-2023-2328.
It also has an assigned CVE: https://www.cve.org/CVERecord?id=CVE-2023-45286

Are you able to provide a fix please? Is there a known workaround which isn't known by the CVE?

This issue has been known since November 2, and PR #745 has been waiting for approval for three weeks.

commented

Ok understood thanks.

3 weeks for a CVE fix to be approved seems a little unresponsive? We'll need to mark this in our Technical Compliance Report and determine whether the risk is worth it. Good luck with the PR!

@tommed Thanks for reaching out. I have been traveling on vacation days and will return from vacation in the first week of January.
I'm sorry for not checking my emails and notifications properly these days.

PR #745 is merged; I'm making a release.