Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Snyk: snowflake-connector-net Microsoft.IdentityModel.JsonWebTokens 6.10.2 | Snyk ID - SNYK-DOTNET-MICROSOFTIDENTITYMODELJSONWEBTOKENS-6148656 #847

Closed
github-actions bot opened this issue Jan 11, 2024 · 2 comments
Assignees
Labels
security vulnerability Security vulnerability detected by WhiteSource status-fixed_awaiting_release The issue has been fixed, its PR merged, and now awaiting the next release cycle of the connector.

Comments

@github-actions
Copy link

Title: Snyk: snowflake-connector-net Microsoft.IdentityModel.JsonWebTokens 6.10.2
Additional information on Snyk can be found here: https://snyk.io/org/snowflakedb-sca-scanning-public-repo/project/6e936eea-71aa-4aa5-a46f-3ee09a811bff
Repo: snowflake-connector-net
CVE: CVE-2024-21319
Package Type: dotnet
Package Name: Microsoft.IdentityModel.JsonWebTokens
Package Version: 6.10.2
Snyk ID: SNYK-DOTNET-MICROSOFTIDENTITYMODELJSONWEBTOKENS-6148656
Vulnerability URL: http://security.snyk.io/vuln/SNYK-DOTNET-MICROSOFTIDENTITYMODELJSONWEBTOKENS-6148656
Severity: medium
Introduced Date: 2024-01-11
Projects with Vulnerability: snowflakedb/snowflake-connector-net:Snowflake.Data/Snowflake.Data.csproj
Target File: Snowflake.Data/Snowflake.Data.csproj
JIRA Ticket: https://snowflakecomputing.atlassian.net/browse/SNOW-1005621

@sfc-gh-pbulawa sfc-gh-pbulawa self-assigned this Jan 11, 2024
@sfc-gh-dszmolka
Copy link
Contributor

#845

@sfc-gh-dszmolka sfc-gh-dszmolka added security vulnerability Security vulnerability detected by WhiteSource status-pr_pending_merge A PR is made and is under review labels Jan 11, 2024
@sfc-gh-pbulawa sfc-gh-pbulawa added status-fixed_awaiting_release The issue has been fixed, its PR merged, and now awaiting the next release cycle of the connector. and removed status-pr_pending_merge A PR is made and is under review labels Jan 11, 2024
@sfc-gh-dszmolka
Copy link
Contributor

fix released with version 3.0.0, closing Issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security vulnerability Security vulnerability detected by WhiteSource status-fixed_awaiting_release The issue has been fixed, its PR merged, and now awaiting the next release cycle of the connector.
Projects
None yet
Development

No branches or pull requests

2 participants