issues
search
riskfirst
/
riskfirst.hateoas
Powerful HATEOAS functionality for .NET web api
MIT License
78
stars
25
forks
source link
Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability
#53
Open
ejarvi
opened
6 months ago
ejarvi
commented
6 months ago
Actual
Nuget package RiskFirst.Hateoas 3.1.1 uses Newtonsoft.Json 12.0.1
"Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability" (CVE-2024-21907)
Expected
Upgrade Newtonsoft.Json from 12.0.1 to 13.0.1 to fix the vulnerability.
References
https://nvd.nist.gov/vuln/detail/CVE-2024-21907
https://www.nuget.org/packages/RiskFirst.Hateoas
Actual
Expected
References