AspNetCore.Diagnostics.HealthChecks icon indicating copy to clipboard operation
AspNetCore.Diagnostics.HealthChecks copied to clipboard

Published 20 hours ago verified publisher icon Xabaril

Update to latest Microsoft.Data.SqlClient due to CVE-2024-0056 (and others)

Open ThumbGen opened this issue 5 months ago • 1 comments

Please, fill the following sections to help us fix the issue

What happened: There's a vulnerability present in the v5.1.1 of Microsoft.Data.SqlClient: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056

Other vulnerabilities also present: image

What you expected to happen: No known vulnerabilities brought in by the Healthcheck libraries.

How to reproduce it (as minimally and precisely as possible): Just look at the nuget vulnerabilities scan.

Source code sample:

Anything else we need to know?:

Environment:

  • .NET Core version: 8.0.101
  • Healthchecks version: 8.0.0
  • Operative system: Win11
  • Others:

ThumbGen avatar Jan 25 '24 12:01 ThumbGen

Saw now there's a PR pending; would be nice to include updates for the other vulnerabilities as well. https://github.com/Xabaril/AspNetCore.Diagnostics.HealthChecks/pull/2140

ThumbGen avatar Jan 25 '24 12:01 ThumbGen