You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This version has a known vulnerability reported by some scanners. Here's an alert from WhiteSource/Mend scanner:
WS-2022-0161
Improper Handling of Exceptional Conditions in Newtonsoft.Json. Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults (...)
This vulnerability might not be exploitable in scenario where Nerdbank.GitVersioning is typically used, but nevertheless, it generates alerts and makes it problematic to use in corporate environments ;) Is there any way that this reference could be bumped up to the most recent version? 13.0.1 fixes this problem.
The text was updated successfully, but these errors were encountered:
Hi!
NBGV tool seems to currently rely on Newtonsoft.Json 9.0.1:
This version has a known vulnerability reported by some scanners. Here's an alert from WhiteSource/Mend scanner:
This vulnerability might not be exploitable in scenario where
Nerdbank.GitVersioning
is typically used, but nevertheless, it generates alerts and makes it problematic to use in corporate environments ;) Is there any way that this reference could be bumped up to the most recent version? 13.0.1 fixes this problem.The text was updated successfully, but these errors were encountered: