-
Notifications
You must be signed in to change notification settings - Fork 236
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Visual Studio detecting Venerability with SixLabours.ImageSharp dependencies #433
Comments
@bhaveshvakil If you add package SixLabors.ImageSharp 2.1.7 the error will go away. This should be closed with #429 |
will PdfSharpCore works with 2.1.8? version 2.1.7 is vulnerable now |
@hungphamcrl it should it you add the 2.1.8 package directly. PR #435 will bump the minimum version to 2.1.8 |
PR #427 contains that fix and preserves different versions for legacy builds of the library as well. |
It would be great if this could finally get some attention from the author. As mentioned solution proposals have already been provided in the linked PR |
Is there an ETA on this? |
2.1.8 is also flagged now. |
Now update to 2.1.9 |
Can someone upgrade this package?
GHSA-65x7-c272-7g7r
As per author, they already fixed the issue but PdfSharpCore is still using old package.
Thanks
The text was updated successfully, but these errors were encountered: