TechQA.

How to fix the High Risk Remote Code Execution (RCE) vulnerability in System.Data.Common 4.3.0 package referenced by Telerik.UI.for.Blazor

229 views Asked by At

In Visual Studio 2022, I created a library project using .NET Core 6.0 runtime, I am using Telerik.UI.for.Blazor 3.7.0 nuget package. After recent vera code scan I found that there is a security vulnerability in the System.Data.Common 4.3.0 package which is referenced by Telerik package.

I tried to install a System.Data.Common 4.3.0 directly into the project, but the issue still arises. Looking into the official documentation of System.Data.Common, they have not provided a update since 15/11/2016 and 4.3.0 is the latest version.

I tried to update the latest telerik version 4.4.0 and this telerik version is still using the same System.Data.Common package and same vulnerability has been detected.

asp.net-core security nuget safety-critical rce
Original Q&A
0

There are 0 answers

Related Questions in ASP.NET-CORE

Related Questions in SECURITY

Related Questions in NUGET

Related Questions in SAFETY-CRITICAL

Related Questions in RCE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions