grpc-ecosystem / grpc-health-probe

A command-line tool to perform health-checks for gRPC applications in Kubernetes and elsewhere

CVE-2022-27664 Vulnerability

breneckd opened this issue

Vulnerability is said to be resolved in 1.18.6. Currently the build uses 1.18.5.

If you could rerun the build to resolve this issue.
[Screenshot: Screen Shot 2022-09-13 at 11 16 21 am]

Would it be worth creating a scheduled gha that rebuilds the image either with latest tag or <version>-latest? That way we don't override the existing tag and also provide a latest option of underlying dependencies.

You can build from source to avoid encountering this in future, e.g.

```
GOOS=linux GOARCH=amd64 GOBIN="${GITHUB_WORKSPACE}/build" CGO_ENABLED=0 go install -tags=netgo -ldflags '-w' github.com/grpc-ecosystem/grpc-health-probe@latest
```

(This won't work with cross compiling)

I understand that it is possible to just build the executable with the latest version of go. However, we do not have go build environments on our systems and therefore I would appreciate it if you could provide a new binary release. Thanks.

I'm not the owner of this repo nor do I have any permissions on it.
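
A way to confirm which Go toolchain a released or rebuilt binary was compiled with, as an added example that is not part of the original thread or the project's own code. It assumes a machine where the `go` command is available; the 1.18.6 threshold is the one named in the issue, the 1.19.1 threshold for the 1.19 line comes from the Go release notes, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify the Go toolchain that built a binary against the
# CVE-2022-27664 fix (1.18.6 per the issue; 1.19.1 per the Go release notes).

# toolchain_status VERSION -> prints "fixed", "vulnerable" or "unknown"
toolchain_status() {
    v=${1#go}                          # "go1.18.5" -> "1.18.5"
    case "$v" in
        [0-9]*.[0-9]*) ;;
        *) echo unknown; return 0 ;;   # devel builds, empty input
    esac
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%.*}
    case "$rest" in
        *.*) patch=${rest#*.} ;;
        *)   patch=0 ;;                # "go1.19" means 1.19.0
    esac
    # Drop suffixes such as "rc1" so only the numeric part is compared.
    major=${major%%[!0-9]*}
    minor=${minor%%[!0-9]*}
    patch=${patch%%[!0-9]*}
    : "${patch:=0}"
    if [ -z "$minor" ] || [ "$major" -ne 1 ]; then
        echo unknown
    elif [ "$minor" -ge 20 ]; then
        echo fixed
    elif [ "$minor" -eq 19 ] && [ "$patch" -ge 1 ]; then
        echo fixed
    elif [ "$minor" -eq 18 ] && [ "$patch" -ge 6 ]; then
        echo fixed
    else
        echo vulnerable                # 1.18.0-1.18.5, 1.19.0, older lines
    fi
}

# check_binary PATH: `go version FILE` prints "FILE: go1.x.y" for Go binaries.
check_binary() {
    out=$(go version "$1") || return 2
    ver=${out##*: }
    status=$(toolchain_status "$ver")
    echo "$1 built with $ver: $status"
    [ "$status" = fixed ]
}

# Run against a binary only when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    check_binary "$1"
fi
```

Run it with the path to the binary as the only argument; the exit status is non-zero when the embedded toolchain predates the fix, which makes it usable as a gate in a scheduled rebuild job.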