Security Vulnerabilities in Microsoft.NET.SDK.Functions 3.0.11

[ginoey]

Hello, I am using Microsoft.NET.SDK.Functions 3.0.11 for my Azure function App. I am getting vulnerabilities in two of the subcomponents which is referred by Microsoft.NET.SDK.Functions 3.0.11 during JFrog X-Ray scanning.

1. System.Net.Sockets:4.3.0 - A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'. Severity- High
2. System.Security.Cryptography.X509Certificates:4.3.2 .NET Core and Visual Studio Denial of Service Vulnerability. Severity: Medium

I tried to downgrade the System.Net.Sockets to the lower version 4.1.0 which dont have any security vulnerability and unable to proceed due to this version is not supported by the Microsoft.NET.SDK.Functions 3.0.11.

Could you please let me know how can I resolve this or is there any plan for the future release for fixing of this issue.

Thanks
Gino Varghese

[ginoey]

Hello,
Do you have any updates on the issue that I reported earlier?
Regards
Gino Varghese