-
Notifications
You must be signed in to change notification settings - Fork 298
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update System.IdentityModel.Tokens.Jwt dependency to fix security vulnerabilites #739
Labels
type: security
known security issue
Comments
MartinGreen
changed the title
Update System.IdentityModel.Tokens.Jwt dependancy to fix security vulnerabilites
Update System.IdentityModel.Tokens.Jwt dependency to fix security vulnerabilites
Mar 13, 2024
I'm having the same issue. Our build process prevents a release if nuget packages with security vulnerabilities are detected. Any updates on a fix? |
@MartinGreen @jonreis please check #744 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue Summary
The library is currently referencing vulnerable versions of the System.IdentityModel.Tokens.Jwt library.
Warnings are shown in the package management system in Visual Studio and point to the following links
GHSA-8g9c-28fc-mcx2
GHSA-59j7-ghrg-fj52
It should be updated to use the latest versions of the jwt libraries which include fixes for these issues. Currently using 6.15, fixed is >=6.34.
Steps to Reproduce
Technical details:
The text was updated successfully, but these errors were encountered: