cve-bin-tool
cve-bin-tool copied to clipboard
intel
New checker: System.Net.Http
New checker request: System.Net.Http
Source code: Please add links in the comments so this issue can be updated
CVE data: https://www.cvedetails.com/product/39158/?q=System.Net.Http
Instructions: How to add a new checker to the CVE Binary Tool
Hey @terriko, I'm interested in this problem, am working on the solution now, will submit a pull request shortly, and I'll keep you updated.
Hey @terriko! is the issue still relevant/useful ? if yes, I would like to work on this. So, please assign it to me.
It's still relevant, but the fact that it's gone this long without getting finished makes me suspect that there's something about this that is hard. If you figure out what that is, @Dev-Voldemort , please comment here to let other people know even if you can't finish the checker!
Hey @terriko, after doing some research I got these version strings. Can you help me in making signature? I'm not sure if it can be done.
Also I would like to point out that System.net.http is deprecated. So do we still make the checker?
Honestly, a lot of what people use cve-bin-tool is to find deprecated code so it can be updated to avoid security concerns. So if you want to push forwards, I don't think that's a blocker for us. That said, if you think this particular checker has only small utility and most people will have updated to something else, feel free to open up an issue for a checker that you think would be more relevant long term and ask me to take your name off this one.
@Wolf-06 I believe @Dev-Voldemort is still working on this one, so it is not open.
Going to close this. We weren't able to make a system.net.http checker (and it seems likely that doing so would be impractical) but @inosmeet does have a dotnet checker that came out of this request, so that's a nice addition even if this wasn't really doable.