SqlClient 5.14 currently relies on transient packages that have vulnerabilities.
Microsoft.IdentityModel.JsonWebTokens is being referenced at version 6.24.0, which currently is vulnerable.
Microsoft.IdentityModel.Protocols.OpenIdConnect is being referenced at version 6.24.0, which has a dependency of System.IdentityModel.Tokens.Jwt , which is vulnerable.
Could these packages please be updated to non-vulnerable versions?
SqlClient 5.14 currently relies on transient packages that have vulnerabilities.
Microsoft.IdentityModel.JsonWebTokens is being referenced at version 6.24.0, which currently is vulnerable.
Microsoft.IdentityModel.Protocols.OpenIdConnect is being referenced at version 6.24.0, which has a dependency of System.IdentityModel.Tokens.Jwt , which is vulnerable.
Could these packages please be updated to non-vulnerable versions?