FluentEmail icon indicating copy to clipboard operation
FluentEmail copied to clipboard
verified publisher icon lukencode

FluentEmail.MailKit references vulnerable version of Portable.BouncyCastle (1.8.5)

Open gastonmuijtjens opened this issue 4 years ago • 0 comments

FluentEmail.MailKit currently depends on a vulnerable version of Portable.BouncyCastle (1.8.5). Please update to version 1.8.9 or later.

Software projects that use tools like Whitesource that depend on FluentEmail.MailKit will currently fail to pass the CI/CD pipeline because of this vulnerable reference.

See also the National Vulnerability Database of NIST: https://nvd.nist.gov/vuln/detail/CVE-2020-15522

gastonmuijtjens avatar Nov 10 '21 13:11 gastonmuijtjens