Information regarding CVE-2024-30105 vulnerability for System.Text.Json in .Net Core 8
A high-severity vulnerability (CVE-2024-30105) in .NET 8.0 can cause a Denial of Service (DoS) when using System.Text.Json
with untrusted input. For more information on this vulnerability, please visit the official GitHub page: https://github.com/advisories/GHSA-hh2w-p6rv-4g7w
This affects Shinydocs Pro users with versions <24.5.0.
When will CVE-2024-30105 be remedied in Shinydocs Pro?
Shinydocs will include the updated .Net Core 8 runtime (8.0.7) in the next release of Shinydocs Pro 24.6.0 to resolve the vulnerability. This will be noted in the release notes of Shinydocs Pro 24.6.0 upon release.
What options are available now to remedy the vulnerability?
If you do not want to wait for the updated version of Shinydoc Pro, you can manually update to .Net Core runtime 8.0.7 by downloading the x64 version of the runtime from Microsoft: https://dotnet.microsoft.com/en-us/download/dotnet/8.0