Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade Microsoft.NetCore.App.Runtime.win-x...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the skipGroup function. An attacker can cause a service crash by sending a crafted protobuf payload with a negative length in a length-delimited field inside a group, leading to an unchecked runtime...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-x64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit - GitHu...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-x64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit ...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-x64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit -...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit -...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-arm64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit -...

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions. An attacker can gain elevated privileges by exploiting these permissions locally. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-x64 to version 10.0.4 or higher. References - Vulnerability...

MiracleLinux 9 : dotnet9.0-9.0.107-1.el9_6.ML.1 (AXSA:2025-10581:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10581:16 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New...