TSM .NET API
Status as of
The following known vulnerabilities were found:
| CVE ID | Severity | Package | Details | Summary | Mitigation |
|---|---|---|---|---|---|
| High | Newtonsoft.Json | https://github.com/advisories/GHSA-5crp-9r3c-p9vr | Newtonsoft.Json prior to version 13.0.1 is vulnerable to due to improper handling of expressions with high nesting level that lead to StackOverFlow exceptions or high CPU and RAM usage. Exploiting this vulnerability may result in denial of service (DoS). | The vulnerable package is not used by HAKOM products but transitively by another package. Since we are using a higher version ourselves for deserialization, HAKOM products are not affected. An update to the package depending on the vulnerable version of Newtonsoft.Json is being worked on and will be used by HAKOM as soon as possible. |