jonreis
commented
6 months ago I'm having the same issue. Our build process prevents a release if nuget packages with security vulnerabilities are detected. Any updates on a fix?
Closed MartinGreen closed 6 months ago
jonreis
commented
6 months ago I'm having the same issue. Our build process prevents a release if nuget packages with security vulnerabilities are detected. Any updates on a fix?
tiwarishubham635
commented
6 months ago @MartinGreen @jonreis please check #744
Issue Summary
The library is currently referencing vulnerable versions of the System.IdentityModel.Tokens.Jwt library.
Warnings are shown in the package management system in Visual Studio and point to the following links https://github.com/advisories/GHSA-8g9c-28fc-mcx2 https://github.com/advisories/GHSA-59j7-ghrg-fj52
It should be updated to use the latest versions of the jwt libraries which include fixes for these issues. Currently using 6.15, fixed is >=6.34.
Steps to Reproduce
Technical details: