microsoft / ApplicationInsights-dotnet


Vulnerability found due to transitive dependency on Microsoft.Extensions.Caching.Memory 1.0.0 #2912

Open vitor-baptista-vfx opened 2 weeks ago

vitor-baptista-vfx commented 2 weeks ago

Actual behaviour

Installing Microsoft.ApplicationInsights.AspNetCore results in a vulnerability with System.Private.Uri when building a project targeting the Linux runtime linux-musl-x64.

This occurs because Microsoft.Extensions.Caching.Memory 1.0.0 is installed as a result of a transitive dependency from Microsoft.ApplicationInsights.PerfCounterCollector, which then installs runtime.any.System.Runtime/4.3.0, which then installs runtime.unix.System.Private.Uri/4.3.0, which is vulnerable to CVE-2019-0980.

Expected behaviour

Installing Microsoft.ApplicationInsights.AspNetCore should not install an old and deprecated package like Microsoft.Extensions.Caching.Memory.
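
To confirm which top-level reference pulls in a flagged transitive package, the chain can be traced from the restore output. The following is an added example, not part of the original issue or the project's code: it walks the `targets` section of a document shaped like `obj/project.assets.json` and returns every path from a root package to the flagged one. The sample data is constructed to mirror the chain described in the issue; the target name and the `0.0.0-placeholder` versions are assumptions.

```python
import json
from collections import deque

TARGET = "tfm-placeholder/linux-musl-x64"  # assumed target key (TFM not on the page)

# Constructed sample: only the "targets" section, chain as described in the issue.
SAMPLE_ASSETS = json.loads("""
{"targets": {"tfm-placeholder/linux-musl-x64": {
  "Microsoft.ApplicationInsights.AspNetCore/0.0.0-placeholder": {"dependencies":
    {"Microsoft.ApplicationInsights.PerfCounterCollector": "0.0.0-placeholder"}},
  "Microsoft.ApplicationInsights.PerfCounterCollector/0.0.0-placeholder": {"dependencies":
    {"Microsoft.Extensions.Caching.Memory": "1.0.0"}},
  "Microsoft.Extensions.Caching.Memory/1.0.0": {"dependencies":
    {"runtime.any.System.Runtime": "4.3.0"}},
  "runtime.any.System.Runtime/4.3.0": {"dependencies":
    {"runtime.unix.System.Private.Uri": "4.3.0"}},
  "runtime.unix.System.Private.Uri/4.3.0": {}
}}}
""")

def build_graph(assets, target):
    """Map lower-cased package id -> (resolved 'Id/Version', [dependency ids])."""
    graph = {}
    for key, entry in assets["targets"][target].items():
        pkg_id = key.split("/", 1)[0].lower()  # NuGet ids are case-insensitive
        deps = [d.lower() for d in entry.get("dependencies", {})]
        graph[pkg_id] = (key, deps)
    return graph

def paths_to(graph, root, wanted):
    """Return every dependency path from root to wanted as lists of 'Id/Version'."""
    root, wanted = root.lower(), wanted.lower()
    if root not in graph:
        return []
    found, queue = [], deque([[root]])
    while queue:
        path = queue.popleft()
        if path[-1] == wanted:
            found.append([graph[p][0] for p in path])
            continue
        for dep in graph[path[-1]][1]:
            if dep in graph and dep not in path:  # skip unresolved ids and cycles
                queue.append(path + [dep])
    return found

if __name__ == "__main__":
    g = build_graph(SAMPLE_ASSETS, TARGET)
    for p in paths_to(g, "Microsoft.ApplicationInsights.AspNetCore",
                      "runtime.unix.System.Private.Uri"):
        print(" -> ".join(p))
```

Against a real project, load `obj/project.assets.json` with `json.load` and pass the RID-specific target key it contains instead of the placeholder.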