Update Microsoft.Identity JWT libraries
Closed this issue · 0 comments
hamish-smith commented
There is a Denial of Service vulnerability in the JSON Web Token libraries currently referenced in the projects.
CVE-2024-21319 affects both Microsoft.IdentityModel.JsonWebTokens and System.IdentityModel.Tokens.Jwt.
Updating these two dependencies closes dependabot security alerts 46-69.