You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Provides high-performance and low-allocating types that serialize objects to JavaScript Object Notation (JSON) text and deserialize JSON text to objects, with UTF-8 support built-in. Also provides types to read and write JSON text encoded as UTF-8, and to create an in-memory document object model (DOM), that is read-only, for random access of the JSON elements within a structured view of the data.
The System.Text.Json library is built-in as part of the shared framework in .NET Runtime. The package can be installed when you need to use it in other target frameworks.
CVE-2024-43485 - High Severity Vulnerability
Vulnerable Library - system.text.json.8.0.4.nupkg
Provides high-performance and low-allocating types that serialize objects to JavaScript Object Notation (JSON) text and deserialize JSON text to objects, with UTF-8 support built-in. Also provides types to read and write JSON text encoded as UTF-8, and to create an in-memory document object model (DOM), that is read-only, for random access of the JSON elements within a structured view of the data.
The System.Text.Json library is built-in as part of the shared framework in .NET Runtime. The package can be installed when you need to use it in other target frameworks.
Library home page: https://api.nuget.org/packages/system.text.json.8.0.4.nupkg
Path to dependency file: /swagger-client/csharp/src/IO.Swagger.Test/IO.Swagger.Test.csproj
Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.text.json/8.0.4/system.text.json.8.0.4.nupkg
Dependency Hierarchy:
Found in HEAD commit: 0879348474e22463e77dc76ba5e5f7e6300a2b6c
Found in base branch: master
Vulnerability Details
.NET and Visual Studio Denial of Service Vulnerability
Publish Date: 2024-10-08
URL: CVE-2024-43485
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: GHSA-8g4q-xg66-9fp4
Release Date: 2024-10-08
Fix Resolution: System.Text.Json - 6.0.10,8.0.5
Step up your Open Source Security Game with Mend here
The text was updated successfully, but these errors were encountered: