15 matches found
MiracleLinux 9 : dotnet9.0-9.0.100-1.el9_5.ML.1 (AXSA:2025-9515:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9515:01 advisory. dotnet: Type confusion vulnerability leads to AV in .NET Core NrbfDecoder component CVE-2024-43498 dotnet: .NET Core - DoS - unbounded work factor i...
Fedora 41 : dotnet9.0 (2024-aab6aded81)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-aab6aded81 advisory. This is the .NET 9.0 GA release. It contains security fixes for CVE-2024-43498 and CVE-2024-43499 Announcement:...
Fedora: Security Advisory (FEDORA-2024-70cf80279f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : dotnet9.0 (2024-70cf80279f)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-70cf80279f advisory. This is the .NET 9.0 GA release. It contains security fixes for CVE-2024-43498 and CVE-2024-43499 Announcement:...
Important: Red Hat Security Advisory: .NET 9.0 security update
An update for .NET 9.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Ubuntu: Security Advisory (USN-7105-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: .NET 9.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.100 and .NET Runtime 9.0.1.0...
CVE-2024-43499
.NET and Visual Studio Denial of Service Vulnerability...
CVE-2024-43499 vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
CVE-2024-43499 vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
CVE-2024-43499 .NET and Visual Studio Denial of Service Vulnerability
...
CVE-2024-43499
CVE-2024-43499 is a .NET 9.0 Denial of Service vulnerability impacting the NrbfDecoder component due to incorrect input validation. Affected software includes .NET 9.0 runtime/SDK prior to GA and packages such as System.Formats.Nrbf (
UBUNTU-CVE-2024-43499
.NET and Visual Studio Denial of Service Vulnerability...
Ubuntu 24.10 : .NET vulnerabilities (USN-7105-1)
The remote Ubuntu 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7105-1 advisory. It was discovered that the NrbfDecoder component in .NET did not properly handle an instance of a type confusion vulnerability. An authenticated attacker cou...
Security Update for Microsoft .NET Core SDK (November 2024)
The version of .NET Core SDK installed on the remote host is 9.x prior to 9.0.0. It is, therefore, affected by denial of service vulnerability as referenced in the October 2024 advisory: - .NET Remote Code Execution CVE-2024-43498 - .NET Denial of Service Vulnerability CVE-2024-43499 Note that...