We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 88bbed3 commit 3fd5fa1Copy full SHA for 3fd5fa1
1 file changed
Directory.Packages.props
@@ -1,12 +1,15 @@
1
<Project>
2
<PropertyGroup>
3
<ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
4
+ <CentralPackageTransitivePinningEnabled>true</CentralPackageTransitivePinningEnabled>
5
<AspireVersion>13.1.2</AspireVersion>
6
</PropertyGroup>
7
8
<!-- ASP.NET Core Dependencies -->
9
<ItemGroup Label="ASP.NET Core">
10
<PackageVersion Include="Microsoft.AspNetCore.OpenApi" Version="10.0.7" />
11
+ <!-- Pin to patched version to avoid CVE-2026-49451 (stack overflow on circular schema refs). -->
12
+ <PackageVersion Include="Microsoft.OpenApi" Version="2.7.5" />
13
<PackageVersion Include="Microsoft.Extensions.Http" Version="10.0.7" />
14
</ItemGroup>
15
0 commit comments