Vulnerable Packages System.Linq.Dynamic.Core and System.Text.Json #641

pkakdiya · 2025-01-27T05:36:09Z

Hi,

Is there any plan to upgrade the transitive dependency for the System.Linq.Dynamic.Core with latest Stable Version and System.Text.Json the Version is also Vulnerable (8.0.0)? please provide the details if any plan to upgrade these packages.

Regards,
Priyank

falvarez1 · 2025-01-29T19:05:16Z

Although the vulnerability is fixed, using the latest version of System.Linq.Dynamic.Core (1.6.0.1) seems to break compatibility.

I get errors such as:
"Exception while parsing expression member.DOB.AddYears(18) < DateTime.Today - Method not found: 'Void System.Linq.Dynamic.Core.ParsingConfig.set_CustomTypeProvider(System.Linq.Dynamic.Core.CustomTypeProviders.IDynamicLinkCustomTypeProvider)'."

YogeshPraj · 2025-01-29T23:53:37Z

@falvarez1 your pull request removing support of .Net 6. We should not do that for now. Can you please update your pull request to support .Net 6 too.

pkakdiya mentioned this issue Jan 27, 2025

Vulnerability in package System.Linq.Dynamic.Core #640

Closed

falvarez1 mentioned this issue Jan 29, 2025

Update projects for .NET 8.0 and 9.0 support #648

Merged

pbhal closed this as completed in #648 Jan 30, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerable Packages System.Linq.Dynamic.Core and System.Text.Json #641

Vulnerable Packages System.Linq.Dynamic.Core and System.Text.Json #641

pkakdiya commented Jan 27, 2025 •

edited

Loading

falvarez1 commented Jan 29, 2025 •

edited

Loading

YogeshPraj commented Jan 29, 2025

Vulnerable Packages System.Linq.Dynamic.Core and System.Text.Json #641

Vulnerable Packages System.Linq.Dynamic.Core and System.Text.Json #641

Comments

pkakdiya commented Jan 27, 2025 • edited Loading

falvarez1 commented Jan 29, 2025 • edited Loading

YogeshPraj commented Jan 29, 2025

pkakdiya commented Jan 27, 2025 •

edited

Loading

falvarez1 commented Jan 29, 2025 •

edited

Loading