13 matches found
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.linux-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttlin...
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.linux-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling ...
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or...
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.osx-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in...
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.win-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling ...
Allocation of Resources Without Limits or Throttling
Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in...
.NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2026-26130 – .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to...
MiracleLinux 8 : dotnet6.0-6.0.127-1.el8_9.ML.1 (AXSA:2024-7527:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7527:04 advisory. dotnet: Denial of Service in SignalR server CVE-2024-21386 dotnet: Denial of Service in X509Certificate2 CVE-2024-21404 Tenable has extracted the...
USN-6634-1 dotnet6, dotnet7, dotnet8 vulnerabilities
Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker could possibly use this issue to cause a denial of service. CVE-2024-21386 Bahaa Naamneh discovered that .NET with OpenSSL support did not properly parse X509 certificates. An attacker could...
Resource Exhaustion
Overview Microsoft.AspNetCore.App.Runtime.linux-musl-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Resource Exhaustion due to improper handling of...
Resource Exhaustion
Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Resource Exhaustion due to improper handling of...
dotnet: Denial of Service in SignalR server
A denial of service vulnerability is present in the .NET applications utilizing SignalR, which a malicious client can exploit. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service DoS attack by providing...
PT-2023-4295 · Microsoft +1 · Asp.Net Core Signalr +2
Name of the Vulnerable Software and Affected Versions: ASP.NET Core SignalR and Visual Studio affected versions not specified Description: The issue is related to insufficient access control in the software development tool Microsoft Visual Studio and the Microsoft .NET platform. This can...