Closed asos-idreesrabani closed 11 months ago
Issue Snyk has identified a vulnerability in the following package: Asos.SimpleEventStore.CosmosDb@5.0.11 › Microsoft.Azure.Cosmos@3.10.1 › System.ServiceModel.Primitives@4.5.0
Solution To fix this, update the Microsoft.Azure.Cosmos package to the latest version (v3.32.0), which no longer uses the System.ServiceModel.Primitives thus reducing our vulnerability to attacks.
Merged.
asos-andrewpotts
commented
11 months ago
Issue Snyk has identified a vulnerability in the following package: Asos.SimpleEventStore.CosmosDb@5.0.11 › Microsoft.Azure.Cosmos@3.10.1 › System.ServiceModel.Primitives@4.5.0
Solution To fix this, update the Microsoft.Azure.Cosmos package to the latest version (v3.32.0), which no longer uses the System.ServiceModel.Primitives thus reducing our vulnerability to attacks.
71 Includes the change required to mitigate this risk.