Referenced libraries contain know security vulnerabilities

[miguel-rodriguez-cimino]

Describe the bug?

Libraries referenced in Nuget packages are old versions with know security vulnerabilities.
This results in scanning tools flagging the use of okta-aspnet as a breach in security policies.
Affected packages are:

• System.Text.Encodings.Web:4.7.2
  • Okta.AspNet.Abstractions:5.1.0 ->System.IdentityModel.Tokens.Jwt:6.35.0 -> Microsoft.IdentityModel.JsonWebTokens:6.35.0 ->System.Text.Encodings.Web:4.7.2
  • https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2022-41089
• System.Text.Json:8.0.4
  • GHSA-8g4q-xg66-9fp4

What is expected to happen?

No security issues should be raised by scanning tools

What is the actual behavior?

Scanning tools flag the use of okta-aspnet

Reproduction Steps?

N/A

Additional Information?

No response

.NET Version

8.0.403

SDK Version

.NET SDK:
Version: 8.0.403
Commit: c64aa40a71
Workload version: 8.0.400-manifests.e99c892e
MSBuild version: 17.11.9+a69bbaaf5

OS version

BuildNumber Caption OSArchitecture Version
19045 Microsoft Windows 10 Enterprise 64-bit 10.0.19045