14 matches found
MiracleLinux 8 : dotnet3.1-3.1.108-2.0.1.el8 (AXSA:2020-740:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-740:02 advisory. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New...
CVE-2020-1045
creationtimestamp| type| source ---|---|--- 2023-12-11 07:26:44+00:00| seen| https://t.me/arpsyndicate/1713...
SUSE CVE-2020-1045
unknown...
NewStart CGSL MAIN 6.02 : dotnet3.1 Vulnerability (NS-SA-2021-0078)
The remote NewStart CGSL host, running version MAIN 6.02, has dotnet3.1 packages installed that are affected by a vulnerability: - A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie...
Security fix for the ALT Linux 9 package dotnet-bootstrap-3.1 version 3.1.11-alt1
Jan. 28, 2021 Vitaly Lipatov 3.1.11-alt1 - new version 3.1.11 with rpmgs script - .NET Core 3.1.11 - January 12, 2021 - CVE-2021-1723: ASP.NET Core Denial of Service Vulnerability - CVE-2020-1045: Microsoft ASP.NET Core Security Feature Bypass Vulnerability - CVE-2020-1597: NET Core Remote Code...
Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.11-alt1
Jan. 28, 2021 Vitaly Lipatov 3.1.11-alt1 - new version 3.1.11 with rpmgs script - .NET Core 3.1.11 - January 12, 2021 - CVE-2021-1723: ASP.NET Core Denial of Service Vulnerability - CVE-2020-1045: Microsoft ASP.NET Core Security Feature Bypass Vulnerability - CVE-2020-1597: NET Core Remote Code...
Fedora 33 : dotnet3.1 (2020-48fa1ad65c)
This update updates .NET Core 3.1 to SDK 3.1.108 and Runtime 3.1.8. This update includes a fix for CVE-2020-1045 Release Notes: https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.8/3.1 .8.md Note that Tenable Network Security has extracted the preceding description block directly fr...
Fedora 32 : dotnet3.1 (2020-e2deb72e0f)
This update updates .NET Core 3.1 to SDK 3.1.108 and Runtime 3.1.8. This update includes a fix for CVE-2020-1045 Release Notes: https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.8/3.1 .8.md Note that Tenable Network Security has extracted the preceding description block directly fr...
CVE-2020-1045
CVE-2020-1045 is a Security Feature Bypass in Microsoft ASP.NET Core where the cookie parser decodes entire cookie strings, allowing a attacker to set a second cookie with a percent-encoded name. Documented impact is a bypass of security controls via crafted encoded cookie names; CVSS v3.1 base s...
CVE-2020-1045 Microsoft ASP.NET Core Security Feature Bypass Vulnerability
...
Oracle Linux 8 : .NET / Core / 3.1 (ELSA-2020-3699)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-3699 advisory. 3.1.108-2.0.1.el82 - Update patch to support 8.2 [email protected] - support OL release scheme [email protected] 3.1.108-2 - Rebuild t...
Important: Red Hat Security Advisory: .NET Core 3.1 security and bugfix update for Red Hat Enterprise Linux
An update for rh-dotnet31-dotnet is now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
Vulnerabilities fixed in Microsoft Developer tools
Microsoft has fixed several vulnerabilities. A malicious remote user could potentially exploit the vulnerabilities to execute arbitrary execute arbitrary code or to bypass a security measure. Microsoft considers the vulnerability with attribute CVE-2020-16874 to be critical. The vulnerability in...
RHEL 8 : .NET Core 3.1 (RHSA-2020:3699)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3699 advisory. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...