You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanks for the notification. Our (Moq's) hands are bound however, since there currently isn't any newer version of Castle.Core targeting a more recent .NET Standard.
Work is currently underway at https://github.com/castleproject/Core towards a new major release that will target .NET Standard 2.x, though that release hasn't happened yet.
I suppose in the meantime, you could try manually adding a dependency on a newer version of the System.Text.RegularExpressions package.
/cc @jonorossi (who manages the Castle.Core release process)
Thanks @stakx - I've manually added a dependency to use the latest version of System.Text.RegularExpressions.That has resolved the issue for now. And thanks for the update. :)
@Rashmi-nw, since you found a solution, I am going to close this issue. The only course of action for us will be to update our dependency on Castle.Core, and that'll happen anyway as soon as it becomes available.
We are using Moq@4.16.1 which has a dependency on Castle.Core@4.4.0 . This has a dependency on NETStandard.Library@1.6.1.
NETStandard.Library@1.6.1 has a dependency on System.Text.RegularExpressions@4.3.0 which has a high severity vulnerability.
Info on High severity vulnerability : Description: Regular Expression Denial of Service (ReDoS) - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTREGULAREXPRESSIONS-174708
The text was updated successfully, but these errors were encountered: