search

xunit / visualstudio.xunit

VSTest runner for xUnit.net (for Visual Studio Test Explorer and dotnet test)
https://xunit.net/
Other
144 stars 81 forks source link

Security Issues with System.Net.Http & System.Text.RegularExpressions Libraries in 2.5.1 #386

Closed gmanreviews closed 11 months ago

gmanreviews commented 11 months ago

With version 2.5.1 of xunit the below security issues have been flagged by scanners around your usage of the System.Net.Http and System.Text.RegularExpressions libraries.

https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-60045 https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-60046 https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-72439 https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-60047

https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-60048

https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTREGULAREXPRESSIONS-174708

Would it be possible to resolve this in a patch for 2.5.x?

bradwilson commented 11 months ago

You've opened this issue in the wrong repository.

It's also a duplicate of several issues that have been closed as "won't fix", including:

https://github.com/xunit/xunit/issues/2778 https://github.com/xunit/xunit/issues/2724 https://github.com/xunit/xunit/issues/2294