Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Backport 1.x] Bump Microsoft.TestPlatform.ObjectModel from 17.11.1 to 17.12.0 #861

Merged
merged 1 commit into from
Nov 25, 2024

Bump Microsoft.TestPlatform.ObjectModel from 17.11.1 to 17.12.0 (#858)

0211049
Select commit
Loading
Failed to load commit list.
Merged

[Backport 1.x] Bump Microsoft.TestPlatform.ObjectModel from 17.11.1 to 17.12.0 #861

Bump Microsoft.TestPlatform.ObjectModel from 17.11.1 to 17.12.0 (#858)
0211049
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check failed Nov 25, 2024 in 8m 35s

Security Report

1 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-43483

Path to dependency file: /src/ApiGenerator/ApiGenerator.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/microsoft.extensions.caching.memory/6.0.0/microsoft.extensions.caching.memory.6.0.0.nupkg

Dependency Hierarchy:

-> razorlight.2.3.1.nupkg (Root Library)

   -> ❌ microsoft.extensions.caching.memory.6.0.0.nupkg (Vulnerable Library)

High 7.5 microsoft.extensions.caching.memory.6.0.0.nupkg Upgrade to version: System.IO.Packaging - 6.0.1,8.0.1,9.0.0-rc.2.24473.5, Microsoft.Extensions.Caching.Memory - 6.0.2,8.0.1,9.0.0-rc.2.24473.5, System.Security.Cryptography.Cose - 8.0.1,9.0.0-rc.2.24473.5 #843

Base branch total remaining vulnerabilities: 0
Base branch commit: 274e12bbc8db5a6ee8f6e821289e2daae6f46209


Total libraries scanned: 165

Scan token: 98de1f95cfa541eb8139a1ceac8c58dd

View more details on Mend for GitHub.com