search

OPCFoundation / UA-.NETStandard

OPC Unified Architecture .NET Standard
Other
1.89k stars 925 forks source link

Usage of outdated and unmaintained dependencies #2604

Closed DerGary closed 2 months ago

DerGary commented 2 months ago

Type of issue

Current Behavior

Currently OPCFoundation.NetStandard.Opc.Ua.Bindings.Https uses dependency System.Net.Http which is no longer maintained which uses dependency System.Security.Cryptography.X509Certificates which is also no longer maintained and has a High Risk Vulnerability CVE-2024-0057 Dependency Graph: image

Expected Behavior

No vulnerable nor unmaintained dependencies are used.

Steps To Reproduce

  1. Search for Security Vulnerabilities for the project, e.g. with Dependency Track

Environment

Not applicable

Anything else?

No response

mregen commented 2 months ago

thanks, looks like dependency can be removed