-
Notifications
You must be signed in to change notification settings - Fork 136
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vulnerability in System.Data.SqlClient package #267
Comments
completed. |
There is a new vulnerability: I wonder, why does the core ChoETL package even depend on System.Data.SqlClient? On first sight, this dependency would be more sensible as an optional extension. |
This is causing users who have upgraded to .NET 9 to not be able to build their solutions as Microsoft have changed the default NuGetAudit options. Maybe this should be addressed and as jvmap said maybe even added as an optional extension. |
upgraded sqlclient package, released v1.2.1.69. |
There is a vulnerability on this package, details here: https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-3110424
Maybe it can be updated to a newer version
The text was updated successfully, but these errors were encountered: