Multiple CVEs reported by Trivy scan tool for v0.39.1

[KisanK79]

usr/local/bin/consul-template (gobinary)

Total: 3 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 1, CRITICAL: 0)

Library	Vulnerability	Severity	Status	Installed Version	Fixed Version	Title
stdlib	CVE-2024-34156	HIGH	fixed	1.22.5	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message with deeply nested structures
						More info
stdlib	CVE-2024-34155	MEDIUM				go/parser: golang: Calling any Parse functions with deeply nested literals
						More info
stdlib	CVE-2024-34158	MEDIUM				go/build/constraint: golang: Parsing a "// +build" build tag line with specific constraints
						More info

The listed CVEs for v0.39.1, Looks like go version needs to be bumped

[KisanK79]

Do we have any updates to bump the version to fix below Critical CVEs?

Library	Vulnerability	Severity	Status	Installed Version	Fixed Version	Title
golang.org/x/crypto	CVE-2024-45337	CRITICAL	fixed	v0.22.0	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto. Details
golang.org/x/net	CVE-2024-45338	HIGH		v0.24.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html. Details
stdlib	CVE-2024-34156			1.22.5	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures. Details
	CVE-2024-34155	MEDIUM				go/parser: golang: Calling any of the Parse functions containing deeply nested literals. Details
	CVE-2024-34158					go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested structures. Details

[jasonsedwards]

I'm also chasing something similar on #2009. The absence of releases since July 2024 is disturbing.