[INTERNAL] Changelog: Adds note about Newtonsoft.Json (10.0.3) securi…

…ty vulnerability and upgrade to latest patched version (#4694) * [INTERNAL] Changelog: Add note about Newtonsoft.Json (10.0.3) secuirty vulnerability and upgrade to latest patched version * Update changelog.md Co-authored-by: Kevin Pilch <[email protected]> --------- Co-authored-by: Kevin Pilch <[email protected]>
Azure · Sep 17, 2024 · 9aafc77 · 9aafc77
1 parent 7839885
commit 9aafc77
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/changelog.md b/changelog.md
@@ -6,6 +6,8 @@ Make sure that your applications, when using the .NET V3 SDK, are using at least
 
 Any known issues detected on that version are listed in the [known issues](#known-issues) section.
 
+> NOTE: Microsoft.Azure.Cosmos has Newtonsoft.Json (10.0.3) as default dependency which has a known high [severity vulnerability](https://github.com/advisories/GHSA-5crp-9r3c-p9vr), please upgrade to latest patched version by adding an explicit reference in your csproj file.
+
 ## Release notes
 
 Preview features are treated as a separate branch and will not be included in the official release until the feature is ready. Each preview release lists all the additional features that are enabled.