Vulnerability in System.Text.RegularExpressions@4.3.1 dependency

Question

Vulnerability in System.Text.RegularExpressions@4.3.1 dependency

Opened this issue 2 years ago · 0 comments

Enexure.MicroBus.Autofac@3.7.0 has dependency to System.Text.RegularExpressions@4.3.1 which has vulnerability: LINK. Please update it to newer version if possible.

Update:
It's because .net standard that is used in this project references System.Text.RegularExpressions@4.3.1. At the end of the day, application will use System.Text.RegularExpressions provided by .net SDK installed on the machine. It means that as long as SDK is in newest version there should be no problem, but it would be nice to have this package targeted for the newest LTS .net.