Package 'Newtonsoft.Json' 9.0.1 has a known moderate severity (coverlet.core)

Project coverlet.core uses [vulnerable Package 'Newtonsoft.Json 9.0.1](https://github.com/advisories/GHSA-5crp-9r3c-p9vr)'. This assembly is also added coverlet Nuget packages.

<img width="624" alt="image" src="https://github.com/coverlet-coverage/coverlet/assets/2315215/428ac34e-36fb-47cd-a9fb-7d375d22dcdd">



The version is defined in [Directory.Build.targets](https://github.com/coverlet-coverage/coverlet/blob/master/Directory.Build.targets) with comment "Do not upgrade".
```xml
    
    <PackageReference Update="Newtonsoft.Json" Version="9.0.1" />
    <PackageReference Update="NuGet.Packaging" Version="5.4.0" />
    <PackageReference Update="ReportGenerator.Core" Version="4.6.0" />
```

When will the **Newtonsoft.Json** package version be upgraded to **V13.0.3**?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Package 'Newtonsoft.Json' 9.0.1 has a known moderate severity (coverlet.core) #1505

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Package 'Newtonsoft.Json' 9.0.1 has a known moderate severity (coverlet.core) #1505

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions