The following Aspose nuget packages (aspose.cells.21.7.0, aspose.email.22.11.0, aspose.pdf.22.12.0 and aspose.cells.22.12.0.nupkg) are getting flagged for containing a vulnerable nuget dependency for System.Security.Cryptography.Pkcs version 6.0.1. Looks like even the latest versions of above mentioned packages contain the vulnerable version of System.Security.Cryptography.Pkcs.
How do we go about mitigating this issue? Can we expect a patch for the above mentioned packages using a non-vulnerable version of System.Security.Cryptography.Pkcs (this relates to CVE-2023-29331)