JsonDiffPatch icon indicating copy to clipboard operation
JsonDiffPatch copied to clipboard

Published 20 hours ago verified publisher icon mcintyre321

Using vulnerable packages

Open EugeneKrapivin opened this issue 1 year ago • 1 comments

hey! I'm seeing in my build process that the JsonDiffPatch is pulling some vulnerable packages

[net6.0]:
   Transitive Package           Resolved   Severity   Advisory URL
   > Microsoft.NETCore.App      1.1.2      High       https://github.com/advisories/GHSA-7mfr-774f-w5r9
                                           High       https://github.com/advisories/GHSA-8884-xcr4-r68p
   > Microsoft.NETCore.Jit      1.1.2      High       https://github.com/advisories/GHSA-xcvr-qv8h-m7xw

are you planning to handle it at some time? would you like a PR?

EugeneKrapivin avatar Sep 21 '23 11:09 EugeneKrapivin

Yes, prs welcome

On Thu, 21 Sept 2023, 12:05 Eugene Krapivin, @.***> wrote:

hey! I'm seeing in my build process that the JsonDiffPatch is pulling some vulnerable packages

[net6.0]: Transitive Package Resolved Severity Advisory URL

Microsoft.NETCore.App 1.1.2 High https://github.com/advisories/GHSA-7mfr-774f-w5r9 High https://github.com/advisories/GHSA-8884-xcr4-r68p Microsoft.NETCore.Jit 1.1.2 High https://github.com/advisories/GHSA-xcvr-qv8h-m7xw

are you planning to handle it at some time? would you like a PR?

— Reply to this email directly, view it on GitHub https://github.com/mcintyre321/JsonDiffPatch/issues/25, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACDJ6W2ZCLTQKHPTB5LU4DX3QNRDANCNFSM6AAAAAA5BLKVCI . You are receiving this because you are subscribed to this thread.Message ID: @.***>

mcintyre321 avatar Sep 21 '23 12:09 mcintyre321