visual-studionuget-package

"This solution contains packages with vulnerabilities" - How do I determine which packages contains vulnerabilities?


Visual Studio shows me the following warning when I open the solution explorer:

enter image description here

When I click the 'Manage NuGet Packages' link and scroll through the nuget packages, I can't see any indication of exactly what packages contains vulnerabilities. How do I figure out exactly what packages contains vulnerabilities?


Solution

  • When you do a "Manage NuGet Packages", you should see an option "Show only vulnerable" (at least I do in my VS 2022 v17.8.2):

    enter image description here

    Make sure to also select "nuget.org" as the package source, since "All" doesn't appear to list any vulnerable packages (with VS v17.8.3):

    enter image description here