imagesharp dep has vulnerability apparently

space-wizards / RobustToolbox

Robust multiplayer game engine, used by Space Station 14

https://spacestation14.io

Other

556 stars 417 forks source link

imagesharp dep has vulnerability apparently #4943

Closed deltanedas closed 8 months ago

deltanedas commented 9 months ago

warning NU1903: Package 'SixLabors.ImageSharp' 3.1.2 has a known high severity vulnerability, https://github.com/advisories/GHSA-65x7-c272-7g7r

bump to 3.1.3 probably

metalgearsloth commented 8 months ago

fixed in <1 morbillion backported engine versions>

deltanedas commented 5 months ago

somehow every build i make has 4 imagesharp warnings so apparently this wasnt done or it needs some cache to be cleared idk? @metalgearsloth reopen maybe

its using 3.1.3 but thats vulnerable too? apparently 3.1.4 is the real fixed one