Force latest version for System.Text.RegularExpressions 4.3.1 due to …

…known high severity vulnerability, GHSA-cmhx-cq75-c4mj
6bee · Dec 22, 2024 · 251e4ea · 251e4ea
1 parent c38a67e
commit 251e4ea
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/src/Aqua.protobuf-net/Aqua.protobuf-net.csproj b/src/Aqua.protobuf-net/Aqua.protobuf-net.csproj
@@ -19,6 +19,13 @@
             and no workaround has been found yet. Contributions are welcome ;)
     -->    
     <PackageReference Include="protobuf-net" Version="2.4.8" />
+
+    <!-- 
+      NOTE: System.Text.RegularExpressions 4.3.0 has a known high severity vulnerability, https://github.com/advisories/GHSA-cmhx-cq75-c4mj
+            Force latest version for transient dependency recevied via protobuf-net 2.4.8
+    -->
+    <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
+
   </ItemGroup>
 
   <ItemGroup>