Symptom
If you have .Net 9 in your environment, when you compile a PowerServer solution in PowerBuilder IDE, you will get some critical severity vulnerability warning messages in the output window similar to the one below:
warning NU1904: Package ‘System.Drawing.Common’ 4.7.0 has a known critical severity vulnerability, https://github.com/advisories/GHSA-rxg9-xrhp-64gj.
Environment
PowerBuilder 2022 R3 MR 3397
PowerServer 2022 R3 MR 3397
Cause
This is because .Net 9 warns user if any library referenced has any vulnerability and some third-party libraries referenced in your PowerServer solution contain vulnerabilities, requiring you to update them to a newer version manually.
Resolution
You can follow instructions below to update the following references to a newer version where the vulnerabilities have been addressed.
1. Update the PowerServer.Core and PowerServer.API NuGet packages in the PowerServer solution to version 2.3.4.
1) Open the C:\Users\appeon\source\repos\pbexamples_cloud\AppModels\AppModels.csproj file and modify the line to use the 2.3.4 version of PowerServer.Core NuGet package as follows.
<PackageReference Include="PowerServer.Core" Version="2.3.4" />
2) Open the C:\Users\appeon\source\repos\pbexamples_cloud\ServerAPIs\ServerAPIs.csproj file and modify the line to use the 2.3.4 version of PowerServer.API NuGet package as follows.
<PackageReference Include="PowerServer.Api" Version="2.3.4" />
2. Open the %AppwebAPI_Home%\UserExtensions\Logging\Logging.xml file and modify the line to use the 2.22.0 version of Microsoft.ApplicationInsights.AspNetCore as follows.
<PackageReference Include=”Microsoft.ApplicationInsights.AspNetCore” Version=”2.22.0” />
3. Rebuild the solution.