You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@avro.apache.org by "Ricardo Minguez (Jira)" <ji...@apache.org> on 2024/03/20 00:05:00 UTC
[jira] [Created] (AVRO-3963) Apache.Avro .NET shows vulnerabilities
Ricardo Minguez created AVRO-3963:
-------------------------------------
Summary: Apache.Avro .NET shows vulnerabilities
Key: AVRO-3963
URL: https://issues.apache.org/jira/browse/AVRO-3963
Project: Apache Avro
Issue Type: Bug
Components: csharp
Affects Versions: 1.11.3
Reporter: Ricardo Minguez
The NuGet Package [NuGet Gallery | Apache.Avro 1.11.3|https://www.nuget.org/packages/Apache.Avro/1.11.3]
has dependencies on vulnerable packages, the command
dotnet list package --include-transitive --vulnerable
shows vulnerabilities classified as High
> Newtonsoft.Json 10.0.3 High https://github.com/advisories/GHSA-5crp-9r3c-p9vr
> System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57
> System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj
--
This message was sent by Atlassian Jira
(v8.20.10#820010)