Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-x64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit - GitHu...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS in .NET Kestrel where a malicious client can bypass QUIC stream limit in HTTP/3 in both ASP.NET and .NET runtimes, resulting in exploitation of this vulnerability. Note: .NET 6 included HTTP/3 support as a preview...

Privilege Escalation

Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET when deserializing a DataSet or DataTable from XML which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm64 to version 6.0.18, 7.0.7 or...