You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@avro.apache.org by "Ricardo Minguez (Jira)" <ji...@apache.org> on 2024/03/20 00:05:00 UTC

[jira] [Created] (AVRO-3963) Apache.Avro .NET shows vulnerabilities

Ricardo Minguez created AVRO-3963:
-------------------------------------

             Summary: Apache.Avro .NET shows vulnerabilities
                 Key: AVRO-3963
                 URL: https://issues.apache.org/jira/browse/AVRO-3963
             Project: Apache Avro
          Issue Type: Bug
          Components: csharp
    Affects Versions: 1.11.3
            Reporter: Ricardo Minguez


The NuGet Package [NuGet Gallery | Apache.Avro 1.11.3|https://www.nuget.org/packages/Apache.Avro/1.11.3]

has dependencies on vulnerable packages, the command 


dotnet list package --include-transitive --vulnerable
 
shows vulnerabilities classified as High
 

> Newtonsoft.Json 10.0.3 High https://github.com/advisories/GHSA-5crp-9r3c-p9vr
> System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57
> System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj



--
This message was sent by Atlassian Jira
(v8.20.10#820010)