132 matches found
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS in .NET Kestrel where a malicious client can bypass QUIC stream limit in HTTP/3 in both ASP.NET and .NET runtimes, resulting in exploitation of this vulnerability. Note: .NET 6 included HTTP/3 support as a preview...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS in .NET Kestrel where a malicious client can bypass QUIC stream limit in HTTP/3 in both ASP.NET and .NET runtimes, resulting in exploitation of this vulnerability. Note: .NET 6 included HTTP/3 support as a preview...
Privilege Escalation
Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET using extracting the contents of a Tar file which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-x64 to version 6.0.18, 7.0.7 or higher...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. There is a vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remote code execution. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 6.0.18,...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET source generator for P/Invokes that can lead to generated code freeing uninitialized memory and crashing. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. There is a vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remote code execution. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm to version 6.0.18,...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET source generator for P/Invokes that can lead to generated code freeing uninitialized memory and crashing. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm to version 7.0...
Privilege Escalation
Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET using extracting the contents of a Tar file which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 6.0.18, 7.0.7 or higher...
Privilege Escalation
Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET using extracting the contents of a Tar file which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-x64 to version 6.0.18, 7.0.7 or higher...
Privilege Escalation
Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET using extracting the contents of a Tar file which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x86 to version 6.0.18, 7.0.7 or higher...
Privilege Escalation
Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET using extracting the contents of a Tar file which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm to version 6.0.18, 7.0.7 or...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. A vulnerability exists in .NET when processing malicious X.509 client certificates that may consume excessive CPU. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. A vulnerability exists in .NET when processing malicious X.509 client certificates that may consume excessive CPU. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. A vulnerability exists in .NET when processing malicious X.509 client certificates that may consume excessive CPU. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. A vulnerability exists in .NET when processing malicious X.509 client certificates that may consume excessive CPU. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. A vulnerability exists in .NET when processing malicious X.509 client certificates that may consume excessive CPU. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. A vulnerability exists in .NET when processing malicious X.509 client certificates that may consume excessive CPU. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. There is a vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remote code execution. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm64 to version 6.0.1...