According to Mend's SCA tool, the latest version of package Microsoft.NET.Sdk.Functions (4.4.0) includes a security vulnerability known as CVE-2021-26701, which is linked to upstream dependency System.Text.Encodings.Web 4.5.0. The issue was resolved in versions 4.5.1, 4.7.2, and 5.0.1.
According to Mend's SCA tool, the latest version of package Microsoft.NET.Sdk.Functions (4.4.0) includes a security vulnerability known as CVE-2021-26701, which is linked to upstream dependency System.Text.Encodings.Web 4.5.0. The issue was resolved in versions 4.5.1, 4.7.2, and 5.0.1.
The complete dependency tree is as follows:
Package Microsoft.Azure.WebJobs.Extensions.Http is still active, but that depends on the deprecated package Microsoft.AspNetCore.Routing.