Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Swagger Codegen C# Generator References Vulnerable version of newtonsoft #11833

Open
Christian-Oleson opened this issue Jul 18, 2022 · 0 comments

Comments

@Christian-Oleson
Copy link

Description

https://github.com/swagger-api/swagger-codegen/blob/master/modules/swagger-codegen/src/main/resources/csharp/Project.mustache
The mustache files reference a vulnerable version of Newtonsoft
GHSA-5crp-9r3c-p9vr

Swagger-codegen version

N/a, as this involves the mustache files

Swagger declaration file content or url

N/a, as this involves the mustache files

Command line used for generation

N/a, as this involves the mustache files

Steps to reproduce

Regenerate any C# files from the csharp generator or look at the Mustache files. The files reference a vulnerable version of newtonsoft

Related issues/PRs

N/a

Suggest a fix/enhancement

Upgrade to Newtonsoft.Json v13.x

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant