We have been reported with below vulnerability-
CVE-2018-8292 : System.Net.Http(<4.3.4)
On checking I found System.Net.Http(4.3.0) is showing as transitive package that is referenced by below package
Steeltoe.Management.CloudFoundryCore(3.2.3)
FYI, the reported vulnerability is fixed in version 4.3.4 of System.Net.Http. Can you please update the same in the package Steeltoe.Management.CloudFoundryCore and publish the new version?
We have been reported with below vulnerability- CVE-2018-8292 : System.Net.Http(<4.3.4)
On checking I found System.Net.Http(4.3.0) is showing as transitive package that is referenced by below package Steeltoe.Management.CloudFoundryCore(3.2.3)
FYI, the reported vulnerability is fixed in version 4.3.4 of System.Net.Http. Can you please update the same in the package Steeltoe.Management.CloudFoundryCore and publish the new version?