Uploaded image for project: 'Apache Avro'
  1. Apache Avro
  2. AVRO-3963

Apache.Avro .NET shows vulnerabilities

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.11.3
    • None
    • csharp
    • None

    Description

      The NuGet Package [NuGet Gallery | Apache.Avro 1.11.3|https://www.nuget.org/packages/Apache.Avro/1.11.3]

      has dependencies on vulnerable packages, the command 

      dotnet list package --include-transitive --vulnerable
       
      shows vulnerabilities classified as High
       

      > Newtonsoft.Json 10.0.3 High https://github.com/advisories/GHSA-5crp-9r3c-p9vr
      > System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57
      > System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj

      Attachments

        Issue Links

          Is contained by

          Improvement - An improvement or enhancement to an existing feature or task. AVRO-3906 Add NET 8.0 support

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              ridomin Ricardo Minguez
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: