Resource Exhaustion
#776
Replies: 3 comments
-
|
Hi, yeah I generally try to let the application using the library set the minimum versions by having the library just target the base major version but in this case since it is a security risk I think I will update it in release shortly. Thank you for asking! |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Thanks again, I just put out a release for this. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
That's great to hear! Thanks for the quick response and keep up the good work! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello!
Sorry, wasn't sure where to ask this, or should I ask this so feel free to remove if this is not a valid question or if it is the wrong place to ask.
This was introduced yesterday (9th January) : https://security.snyk.io/vuln/SNYK-DOTNET-MICROSOFTIDENTITYMODELJSONWEBTOKENS-6148656
If I am not mistaken, the latest version of Finbuckle.MultiTenant.AspNetCore (6.13.0. currently) is using Microsoft.AspNetCore.Authentication.OpenIdConnect version 8.0.0. which has the issue mentioned above and I believe was fixed in 8.0.1.
I'm sure you are aware of this already, but I just wanted to ask if there are plans for a new version of Finbuckle.MultiTenant.AspNetCore where this will also be fixed.
I'm new to this so feel free to correct me if I wrote anything wrong.
Thanks and have a great day!
Beta Was this translation helpful? Give feedback.
All reactions