CG Alerts for SBE

[ellahathaway]

SBE repo uses multiple vulnerable packages in the across the main, 9.0, and 8.0 branches:

• System.Formats.Asn1.7.0.0: main, 9.0
• System.Text.Json.8.0.4: main, 9.0
• System.Text.Json.7.0.0: 8.0

[dotnet-issue-labeler]

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

[dotnet-issue-labeler]

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

[MichaelSimons]

The remaining work in 8.0 is blocked on aspnetcore updating their dependency on IdentityModel.