I am getting build warnings:
Package 'System.Linq.Dynamic.Core' 1.5.1 has a known high severity vulnerability, Property reflection in System.Linq.Dynamic.Core · CVE-2024-51417 · GitHub Advisory Database · GitHub
Which using "dotnet nuget why" can be traced to Radzen.Blazor.
Is there any way to avoid using this dependency, or must just wait for a fix to the System.Linq.Dynamic.Core package and reference that directly.
korchev
January 23, 2025, 11:54am
2
There isn't a way to avoid this dependency. We are waiting for an update of the dependant library and will update Radzen.Blazor.
Am I right in thinking this has now been fixed in 5.9.2 ?
Yes, this version is using the latest version of System.Linq.Dynamic.Core which should no longer be vulnerable. In fact every version since 5.9.0 should not be affected.
Brilliant, thanks for the very quick response.