critical vulnerability in version 5.0.2 of system.drawing.common
jkl-ds opened this issue · 0 comments
jkl-ds commented
"When a .NET application utilizing libgdiplus on a non-Windows system accepts input, an attacker could send a specially crafted request that could result in remote code execution."
Please upgrade to version 5.0.3 or higher.
https://github.com/SciSharp/NumSharp/blob/master/src/NumSharp.Bitmap/NumSharp.Bitmap.csproj#L78