Aaronontheweb
commented
4 months ago I don't think this really affects us as we never make any HTTP calls at all inside Petabridge.Cmd (it's all Akka.IO-based, which uses TCP sockets) but we'll see if we can make the warning go away, although I don't even know what dependency we take that could cause this.
The package uses a vulnerable version of System.Net.Http which is affected by CVE-2018-8292.