BEST
DEALS OF THE
YEAR!
SAVE UP TO $3,000
LAST DAY 1 DEC
00 Days
00 Hrs
00 Min
00 Sec
Open Closed

High severity vulnerabilities in System.Text.Json, Microsoft.Extensions.Caching.Memory and ImageSharp libraries #8276

User avatar
0
JonSteer73 created
  • ABP Framework version: v8.3.2
  • UI Type: Blazor Server
  • Database System: EF Core (SQL Server.)
  • Tiered (for MVC) or Auth Server Separated (for Angular): no

Hi there. We've run a SAST tool (GitHub advanced security for DevOps) on our Blazor server project and it has noted high severity vulnerabilities in the following packages, which are bundled as part of the ABP libraries:

  • System.Text.Json https://github.com/advisories/GHSA-8g4q-xg66-9fp4
  • Microsoft.Extensions.Caching.Memory https://github.com/advisories/GHSA-qj66-m88j-hmgj
  • SixLabors.ImageSharp https://github.com/advisories/GHSA-63p8-c4ww-9cg7

Are these libraries due to be updated as part of the v9 release? If not, would it be possible to get them patched as part of the next upgrade please?

Thanks! :)

Go to accepted answer
2 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Fullstack Developer

    Hi,

    Yes, we upgrade all Nuget package to the latest

    https://github.com/abpframework/abp/pull/20960

    1
  • User Avatar
    0
    JonSteer73 created

    Sounds perfect - thanks!

Assignee
User avatar liangshiwei
Labels
None yet
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.1.0-preview. Updated on November 20, 2025, 09:12
1
ABP Assistant
🔐 You need to be logged in to use the chatbot. Please log in first.