System.Drawing.Common vulnerability warning #232
Description
When running my tests through GitHub Actions, this warning is appearing in the logs:
warning NU1904: Package 'System.Drawing.Common' 5.0.0 has a known critical severity vulnerability, GHSA-rxg9-xrhp-64gj
According to the dependency tree, this vulnerable package is referenced like so:
All of the "System . . ." packages have newer versions available, that I assume have the fixed version of System.Drawing.Common.
RazorEngine.NetCore.nixFix package has no updated version available, but it needs updated to use a more current version of System.Security.Permissions. This package (ExtentReports) then needs updated to use the updated RazorEngine.
I'm reporting this here, because @anshooarora owns both of these packages, and the RazorEngine.NetCore.nixFix repo does not give me the ability to report an issue. (Also reporting it here because other people are more likely to encounter this problem using ExtentReports.)
Thanks!