Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Backport 1.x] Bump CSharpier.Core, System.Text.Encodings.Web and System.Text.Json #889

Merged
merged 1 commit into from
Jan 13, 2025
+2 −2

Bump CSharpier.Core, System.Text.Encodings.Web and System.Text.Json (…

82d97c1
Select commit
Loading
Failed to load commit list.
Merged

[Backport 1.x] Bump CSharpier.Core, System.Text.Encodings.Web and System.Text.Json #889

Bump CSharpier.Core, System.Text.Encodings.Web and System.Text.Json (…
82d97c1
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check failed Jan 13, 2025 in 6m 24s

Security Report

1 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-43483

Path to dependency file: /src/ApiGenerator/ApiGenerator.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/microsoft.extensions.caching.memory/6.0.0/microsoft.extensions.caching.memory.6.0.0.nupkg

Dependency Hierarchy:

-> razorlight.2.3.1.nupkg (Root Library)

   -> ❌ microsoft.extensions.caching.memory.6.0.0.nupkg (Vulnerable Library)

High 7.5 microsoft.extensions.caching.memory.6.0.0.nupkg Upgrade to version: System.IO.Packaging - 6.0.1,8.0.1,9.0.0-rc.2.24473.5, Microsoft.Extensions.Caching.Memory - 6.0.2,8.0.1,9.0.0-rc.2.24473.5, System.Security.Cryptography.Cose - 8.0.1,9.0.0-rc.2.24473.5 #843

Base branch total remaining vulnerabilities: 0
Base branch commit: 38df971794d4f960dc8922d1ae1e6a113d192de2


Total libraries scanned: 169

Scan token: f0bec0197864463c9e6894ce35103a2b

View more details on Mend for GitHub.com