-
|
I noticed that Avalonia currently references the package Tmds.DBus.Protocol version 0.90.3 via a transitive dependency. Visual Studio reports that this version contains at least one high severity vulnerability, which may lead to potential security risks in projects using Avalonia. Could you please consider updating this dependency to a newer, secure version of Tmds.DBus.Protocol? This would help ensure that Avalonia projects remain safe and compliant with security best practices. Thank you for your attention to this matter! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
We have updated the package in #21122. The fix will be present in Avalonia 12.0.1 and 11.3.14. Meanwhile, as with any vulnerability in dependent packages, we recommend users to directly reference the |
Beta Was this translation helpful? Give feedback.
We have updated the package in #21122. The fix will be present in Avalonia 12.0.1 and 11.3.14.
Meanwhile, as with any vulnerability in dependent packages, we recommend users to directly reference the
Tmds.DBus.Protocolpackage with version0.92.0in their projects.