Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.11.3
-
None
-
None
Description
The NuGet Package [NuGet Gallery | Apache.Avro 1.11.3|https://www.nuget.org/packages/Apache.Avro/1.11.3]
has dependencies on vulnerable packages, the command
dotnet list package --include-transitive --vulnerable
shows vulnerabilities classified as High
> Newtonsoft.Json 10.0.3 High https://github.com/advisories/GHSA-5crp-9r3c-p9vr
> System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57
> System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj
Attachments
Issue Links
- Is contained by
-
AVRO-3906 Add NET 8.0 support
- Resolved