4Nis
CVE-2022-29190 due to telegraf?
I am working on finding workaround for CVE-2022-29190 in my application.
My application makes use of telegraf.
It also states this:
Telegraf is written in Go and compiles into a single binary with no external dependencies.
When I read details of this CVE here, it says this CVE is due to Pion DTLS. Also, I find this, which mentions telegraf.
So I am a bit confused here. If telegraf has no dependencies(ie no Pion DTLS) then why is it mentioned on ubuntu site as culprit package?
What am I missing here?