Is this a BUG REPORT or FEATURE REQUEST?: BUG REPORT
What happened:
openstorage uses unmaintained package: github.com/dgrijalva/jwt-go.
There is a security vulnerability found in this library: https://nvd.nist.gov/vuln/detail/CVE-2020-26160
The recommended way to proceed is to upgrade github.com/dgrijalva/jwt-go to its maintained fork: github.com/golang-jwt/jwt which is a drop-in replacement with this issue already fixed.
Is this a BUG REPORT or FEATURE REQUEST?: BUG REPORT
What happened:
openstorage uses unmaintained package: github.com/dgrijalva/jwt-go.
There is a security vulnerability found in this library: https://nvd.nist.gov/vuln/detail/CVE-2020-26160
The recommended way to proceed is to upgrade github.com/dgrijalva/jwt-go to its maintained fork: github.com/golang-jwt/jwt which is a drop-in replacement with this issue already fixed.