6 matches found
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit -...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions. An attacker can gain elevated privileges by exploiting these permissions locally. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-x64 to version 10.0.4 or higher. References - Vulnerability Advisor...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions. An attacker can gain elevated privileges by exploiting these permissions locally. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm to version 10.0.4 or higher. References - Vulnerability...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm to version 8.0.12, 9.0.1 or higher. References - GitHub Issue...
Denial of Service (DoS)
Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Denial of Service DoS via excess memory allocations...
Important: Red Hat Security Advisory: dotnet3.1 security and bugfix update
An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...