search

serilog-mssql / serilog-sinks-mssqlserver

A Serilog sink that writes events to Microsoft SQL Server and Azure SQL
Apache License 2.0
276 stars 147 forks source link

Referencing vurnable packages #517

Closed prof-frosty closed 7 months ago

prof-frosty commented 7 months ago

Bug Report / Support Request Template

If you are opening a feature request, you can ignore this template. Bug reports and requests for assistance usually require the same basic information described below. This will help us more quickly reproduce and investigate the problem you're reporting. (If you are using Serilog.Sinks.MSSqlServerCore, that package is deprecated, please switch to Serilog.Sinks.MSSqlServer before reporting an issue.)

Please clearly describe what the SQL Sink is doing incorrectly: Marks "Microsoft.Identity.Model.JsonWebTokens" and System.IdentityModel.Tokens.Jwt" as Moderate vulnerabilities. grafik grafik

Please clearly describe the expected behavior: Microsoft.Identity.Model.JsonWebTokens needs to be updated to 6.34+ System.IdentityModel.Tokens.Jwt needs to be updated to 6.34+

List the names and versions of all Serilog packages used in the project:

Target framework and operating system:

[X] .NET 8 [ ] .NET 6 [ ] .NET Framework 4.8 [ ] .NET Framework 4.7 [ ] .NET Framework 4.6 OS: Windows

ckadluba commented 7 months ago

Fixed in prerelease 6.5.2-dev-00068 https://www.nuget.org/packages/Serilog.Sinks.MSSqlServer/6.5.2-dev-00068.