Closed vitorrubio closed 2 weeks ago
I’ve been meaning to get organized with my side projects for a while, and finally got some time this weekend to do so. All outstanding dependabot PR's have been tested / merged, and a new package will be released Monday.
there is a issue in versions prior to 13.0.2 concerning default mx depth causing stack overflow exception and them a DOS.
there is also a dependabot pull request waiting for approval since 01/14/2023 https://github.com/DalSoft/DalSoft.RestClient/pull/108
sources: https://devhub.checkmarx.com/cve-details/Cx46691637-14e8/ https://github.com/JamesNK/Newtonsoft.Json/issues/2457 https://github.com/JamesNK/Newtonsoft.Json/pull/2462