FluentEmail.MailKit references vulnerable version of Portable.BouncyCastle (1.8.5)
gastonmuijtjens opened this issue · comments
Gaston Muijtjens commented
FluentEmail.MailKit currently depends on a vulnerable version of Portable.BouncyCastle (1.8.5). Please update to version 1.8.9 or later.
Software projects that use tools like Whitesource that depend on FluentEmail.MailKit will currently fail to pass the CI/CD pipeline because of this vulnerable reference.
See also the National Vulnerability Database of NIST: https://nvd.nist.gov/vuln/detail/CVE-2020-15522