search

serilog / serilog-aspnetcore

Serilog integration for ASP.NET Core
Apache License 2.0
1.32k stars 209 forks source link

Upgrade Serilog.Settings.Configuration to fix a System.Text.Json security vulnerability. #379

Closed brunomartinspro closed 4 months ago

brunomartinspro commented 4 months ago

Upgrading the package Serilog.Settings.Configuration fixes the Denial of Service (DoS) security vulnerability detected on the dependencies of System.Text.Json@8.0.0.

Serilog.AspNetCore@8.0.1 > Serilog.Settings.Configuration@8.0.0 > Microsoft.Extensions.DependencyModel@8.0.0 > System.Text.Json@8.0.0

https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTJSON-7433719

brunomartinspro commented 4 months ago

Closing this as the fix is also on https://github.com/serilog/serilog-aspnetcore/pull/378