Fix CVE-2024-30105 - Githubissues

danielpalme / ReportGenerator

ReportGenerator converts coverage reports generated by coverlet, OpenCover, dotCover, Visual Studio, NCover, Cobertura, JaCoCo, Clover, gcov or lcov into human readable reports in various formats.

https://reportgenerator.io

Apache License 2.0

2.56k stars 279 forks source link

Fix CVE-2024-30105 #680

Closed 304NotModified closed 1 month ago

304NotModified commented 1 month ago

System.Text.Json <= 8.0.3 has the CVE-2024-30105

System.Text.Json is a dependency of Microsoft.Extensions.Configuration.Json, but there isn't a update of that package.

TODO

[ ] update all version numbers?
[ ] update changelog

Fixes https://github.com/danielpalme/ReportGenerator/issues/681

Please release a new version of the global tool after merging :)

304NotModified commented 1 month ago

I think there a multiple version numbers that needs an update. Could you do that for me? I can't edit this project locally (blocked), only in the browser

danielpalme commented 1 month ago

Thank you. New release is now available.