Skip to content

Outdated Swashbuckle.AspNetCore in Volo.Abp.Swashbuckle causes Microsoft.OpenApi transitive security vulnerability warning #25758

Description

@2501272126

Is there an existing issue for this?

  • I have searched the existing issues

Description

The Volo.Abp.Swashbuckle package references a very old version of Swashbuckle.AspNetCore.
This pulls in a vulnerable version of Microsoft.OpenApi as a transitive dependency, triggering security vulnerability alerts in NuGet security scanning tools.

Reproduction Steps

No response

Expected behavior

No response

Actual behavior

No response

Regression?

No response

Known Workarounds

No response

Version

10.50

User Interface

MVC

Database Provider

EF Core (Default)

Tiered or separate authentication server

None (Default)

Operation System

Windows (Default)

Other information

No response

Metadata

Metadata

Assignees

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions