search

Azure / azure-kusto-dotnet

Azure Data Explorer (Kusto) SDK for .NET
MIT License
6 stars 3 forks source link

Microsoft.Azure.Kusto.Cloud.Platform missing SqlClient vulnerability fix #9

Closed kriti218 closed 1 year ago

kriti218 commented 1 year ago

@microsoftopensource There are 2 security vulnerability issues in Microsoft.Azure.Kusto.Ingest library:

  1. There is a security vulnerability in Microsoft.Data.SqlClient package where it needs to be upgraded from 2.1.1 to 2.1.2 in Microsoft.Azure.Kusto.Cloud.Platform nuget. We want to fix vulnerabilities in our code using this package but the latest version 11.0 of this library is still pointing to 2.1.1 version.
  2. There is another vulnerability with respect to System.Drawing.Common where version needs to be upgraded from 5.0.0 to 5.0.3. Even that i dont see fixed in 11.0.0 version. Can you please let me know when are you planning to fix these?
yogilad commented 1 year ago

The latest version of Kusto.Data and Kusto.Ingest fix the issue.