imagekit-dotnet icon indicating copy to clipboard operation
imagekit-dotnet copied to clipboard
verified publisher icon imagekit-developer

Vulnerable Newtonsoft.Json version

Open skornel02 opened this issue 1 year ago • 3 comments

ImageKit-Dotnet references several vulnerable versions of Newtonsoft.Json

https://github.com/advisories/GHSA-5crp-9r3c-p9vr

skornel02 avatar Nov 22 '24 08:11 skornel02

Also maybe move the project to use system.text.json instead to avoid extra packages. I have projects which have newtonsoft as a transitive packages because of this imagekit package

larsbloch avatar May 21 '25 10:05 larsbloch

Any updates on this? @imagekitio

kimfom01 avatar Dec 02 '25 13:12 kimfom01

We will release a new version in coming weeks which will be much better than this. Unfortunately we won’t be making any changes before that.

imagekitio avatar Dec 02 '25 14:12 imagekitio