ross-ellerington-shell
commented
1 month ago Is there any update on this? This is impacting us as well
Open sydseter opened 2 years ago
ross-ellerington-shell
commented
1 month ago Is there any update on this? This is impacting us as well
see: https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTREGULAREXPRESSIONS-174708
Tested 83 dependencies for known issues, found 1 issue, 3 vulnerable paths.
Log: Issues with no direct upgrade or patch: ✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTREGULAREXPRESSIONS-174708] in System.Text.RegularExpressions@4.3.0 introduced by: Mailjet.Api@2.0.2 > NETStandard.Library@1.6.1 > System.Text.RegularExpressions@4.3.0 Mailjet.Api@2.0.2 > NETStandard.Library@1.6.1 > System.Xml.ReaderWriter@4.3.0 > System.Text.RegularExpressions@4.3.0 Mailjet.Api@2.0.2 > NETStandard.Library@1.6.1 > System.Xml.XDocument@4.3.0 > System.Xml.ReaderWriter@4.3.0 > System.Text.RegularExpressions@4.3.0 This issue was fixed in versions: 4.3.1