[BUG] Version of Go has security issues

**Describe the bug**
The Doppler CLI is built with Go version 1.24.0 which contains multiple security vulnerabilities in its standard library. These vulnerabilities are flagged by third-party security scanners and can prevent organizations from passing security audits, including SOC2 certification.

**To Reproduce**
Install Doppler CLI into your deployed resources
Scan your resources with a 3rd party security system
See that it has concerns with the Go version, resulting in dozens of CVE security vulnerabilities, including [CVE-2025-47907](https://hackerone.com/hacktivity/cve_discovery?id=CVE-2025-47907), [CVE-2025-4674](https://hackerone.com/hacktivity/cve_discovery?id=CVE-2025-4674), and [CVE-2025-58188](https://hackerone.com/hacktivity/cve_discovery?id=CVE-2025-58188). Almost all of these are because of vulnerabilities in stdlib

**Expected behavior**
Having no issues related to Go version on security audits

**CLI Version:**
Version 3.75.1


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[BUG] Version of Go has security issues #508

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[BUG] Version of Go has security issues #508

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions