-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vulnerability in System.Text.RegularExpressions #86
Comments
I will update the dependency and release it as a new 2.6.2. The other PR has some breaking changes I think, and it should be a 3.0. What do you think? |
That is perfectly OK |
I also now noticed another vulnerability in the Test and Benchmark projects for Microsoft.NETCore.App NuGet (see GHSA-7mfr-774f-w5r9) But the original one is the only one that affects the product itself. |
I think disabling dependabot wasn’t that clever. 😇 |
I removed the |
Currently, TinyCsvParser uses NuGet System.Text.RegularExpressions version 4.3.0 which has a known vulnerability and should be upgraded to a patched version.
See GHSA-cmhx-cq75-c4mj
The text was updated successfully, but these errors were encountered: