Uploaded image for project: 'C# Driver'
  1. C# Driver
  2. CSHARP-3869

Update SharpCompress to remedy vulnerability

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Unknown Unknown
    • 2.14.0
    • Affects Version/s: None
    • Component/s: None
    • Labels:
      None

      There is a vulnerability in SharpCompress versions earlier than 0.29.0 as reported by Snyk: https://snyk.io/vuln/SNYK-DOTNET-SHARPCOMPRESS-1585664

      As noted in below comments, the driver's usage of SharpCompress does not expose the vulnerability.

       

        1. image-2021-09-20-14-50-06-298.png
          image-2021-09-20-14-50-06-298.png
          161 kB
        2. image-2021-09-20-16-38-20-494.png
          image-2021-09-20-16-38-20-494.png
          20 kB

            Assignee:
            dmitry.lukyanov@mongodb.com Dmitry Lukyanov (Inactive)
            Reporter:
            aleksander@idfy.io Aleksander Sleire
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: