19 matches found
MiracleLinux 8 : dotnet6.0-6.0.102-1.el8.ML.1 (AXSA:2022-3064:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3064:04 advisory. dotnet: ASP.NET Core Krestel HTTP headers pooling denial of service CVE-2022-21986 CVEs: CVE-2022-21986 Tenable has extracted the preceding description block...
SUSE CVE-2022-21986
unknown...
Rocky Linux 8 : .NET 5.0 (RLSA-2022:0495)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0495 advisory. - .NET Denial of Service Vulnerability CVE-2022-21986 Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...
Rocky Linux 8 : .NET 6.0 (RLSA-2022:0496)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0496 advisory. - .NET Denial of Service Vulnerability CVE-2022-21986 Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...
GHSA-X459-P2RX-F8FF .NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0 and .NET 5.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A Denial of Service vulnerability exists in .NET 6.0 and...
Security fix for the ALT Linux 9 package dotnet-bootstrap-5.0 version 5.0.14-alt1
5.0.14-alt1 built March 22, 2022 Vitaly Lipatov in task 295274 Feb. 12, 2022 Vitaly Lipatov - .NET 5.0.14 - February 8, 2022 - CVE-2022-21986 : .NET Denial of Service Vulnerability - CVE-2021-43877 : ASP.NET Core Elevation of privilege Vulnerability - CVE-2021-41355 : .NET Core Information...
Security fix for the ALT Linux 9 package dotnet-runtime-5.0 version 5.0.14-alt1
5.0.14-alt1 built March 22, 2022 Vitaly Lipatov in task 295274 Feb. 12, 2022 Vitaly Lipatov - new version 5.0.14 with rpmgs script - CVE-2022-21986 : .NET Denial of Service Vulnerability - CVE-2021-41355 : .NET Core Information Disclosure Vulnerability - CVE-2021-34485 : .NET Core Information...
Oracle Linux 8 : .NET / 6.0 (ELSA-2022-0496)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-0496 advisory. 6.0.102-1.0.1 - Add missing Oracle RIDs 6.0.102-1 - Update to .NET SDK 6.0.102 and Runtime 6.0.2 - Resolves: RHBZ2048257 Tenable has extracted the preceding...
Fedora: Security Advisory for dotnet6.0 (FEDORA-2022-1fd0cea1e2)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for dotnet6.0 (FEDORA-2022-4f43c83583)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security fix for the ALT Linux 10 package dotnet-runtime-5.0 version 5.0.14-alt1
5.0.14-alt1 built Feb. 21, 2022 Vitaly Lipatov in task 295271 Feb. 12, 2022 Vitaly Lipatov - new version 5.0.14 with rpmgs script - CVE-2022-21986 : .NET Denial of Service Vulnerability - CVE-2021-41355 : .NET Core Information Disclosure Vulnerability - CVE-2021-34485 : .NET Core Information...
Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 5.0.14-alt1
5.0.14-alt1 built Feb. 21, 2022 Vitaly Lipatov in task 295271 Feb. 12, 2022 Vitaly Lipatov - .NET 5.0.14 - February 8, 2022 - CVE-2022-21986 : .NET Denial of Service Vulnerability - CVE-2021-43877 : ASP.NET Core Elevation of privilege Vulnerability - CVE-2021-41355 : .NET Core Information...
Oracle Linux 8 : .NET / 5.0 (ELSA-2022-0495)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-0495 advisory. 5.0.211-1.0.1 - Support AArch64 on Oracle Linux Orabug: 32738620 - Include new Oracle Linux runtime IDs Add 1000-Add-missing-OL-RIDs.patch 5.0.211-1 - Update to...
Security Update for .NET Core (February 2022) (macOS)
The Microsoft .NET core installation on the remote macOS host is version 5.0 prior to 5.0.14 or version 6.0 prior to 6.0.2. It is, therefore, affected by a denial of service DoS vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application service...
RHEL 8 : .NET 6.0 (RHSA-2022:0496)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0496 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...
CVE-2022-21986
.NET Denial of Service Vulnerability...
CVE-2022-21986 .NET Denial of Service Vulnerability
...
CVE-2022-21986
CVE-2022-21986 is a .NET Denial of Service vulnerability in the Kestrel web server. The issue arises when processing certain HTTP/2 and HTTP/3 requests, enabling remote network-based DoS with low attack complexity. Affected products include .NET 6.0 up to 6.0.1 and .NET 5.0 up to 5.0.13. Remediat...
Security Update for Visual Studio 2019 (February 2022) (macOS)
The Microsoft Visual Studio 2019 runtime installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by the following vulnerability: - A Denial of Service vulnerability exists in .NET 6.0 and .NET 5.0 when the Kestrel web server processes certain HTTP/2...