You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed that your dependency on System.Text.Json version 4.7.0 has a security issue.
Are there any plans to upgrade this to a secure version? I would love to use this library but that is currently an issue for us.
Here's what my scanner found along with some information on remediation steps. I think it's as simple as bumping up System.Text.Json to 4.7.2+
Detailed paths
Introduced through: project@undefined › Macross.Json.Extensions@2.1.0-beta5 › System.Text.Json@4.7.0 › System.Text.Encodings.Web@4.7.0
Overview
Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to how text encoding is performed.
Remediation
Upgrade System.Text.Encodings.Web to version 4.5.1, 4.7.2, 5.0.1 or higher.
The text was updated successfully, but these errors were encountered:
I noticed that your dependency on System.Text.Json version 4.7.0 has a security issue.
Are there any plans to upgrade this to a secure version? I would love to use this library but that is currently an issue for us.
Here's what my scanner found along with some information on remediation steps. I think it's as simple as bumping up System.Text.Json to 4.7.2+
The text was updated successfully, but these errors were encountered: