mayuki
commented
3 weeks ago Thank you for your feedback. We have released 6.1.6, which includes an update to MessagePack.
Closed VladimirRudt closed 2 weeks ago
mayuki
commented
3 weeks ago Thank you for your feedback. We have released 6.1.6, which includes an update to MessagePack.
Hi guys, We are using MagicOnion in one of our projects and we encountered a problem.
The Mend.io diagnostic service has detected that we are using a vulnerable version of MessagePack. We don't use MessagePack directly, but MagicOnion (v6.1.5) does:
Link to vulnerability description: https://github.com/MessagePack-CSharp/MessagePack-CSharp/security/advisories/GHSA-4qm4-8hg2-g2xm
Do you plan to upgrade MessagePack to the patched version 2.5.187?