27 matches found
Oracle Linux 8 : .NET / 6.0 (ELSA-2022-0496)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-0496 advisory. 6.0.102-1.0.1 - Add missing Oracle RIDs 6.0.102-1 - Update to .NET SDK 6.0.102 and Runtime 6.0.2 - Resolves: RHBZ2048257 Tenable has extracted the preceding...
RHEL 8 : .NET 6.0 (RHSA-2022:0496)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0496 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...
RHEL 7 : .NET 5.0 on RHEL 7 (RHSA-2022:0499)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0499 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...
CVE-2022-21986
A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service...
Important: Red Hat Security Advisory: .NET 5.0 on RHEL 7 security and bugfix update
An update for .NET 5.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
dotnet: ASP.NET Core Krestel HTTP headers pooling denial of service
A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service...
Important: Red Hat Security Advisory: .NET 6.0 on RHEL 7 security and bugfix update
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: .NET 6.0 security and bugfix update
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
dotnet: ASP.NET Core Krestel HTTP headers pooling denial of service
A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service...
dotnet: ASP.NET Core Krestel HTTP headers pooling denial of service
A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service...
RLSA-2022:0496 Important: .NET 6.0 security and bugfix update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.102 and .NET Runtime 6.0.2...
.NET 6.0 security and bugfix update
An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
Important: .NET 5.0 security and bugfix update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.211 and .NET Runtime 5.0.14...
RLSA-2022:0495 Important: .NET 5.0 security and bugfix update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.211 and .NET Runtime 5.0.14...
ALSA-2022:0495 Important: .NET 5.0 security and bugfix update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.211 and .NET Runtime 5.0.14...
.NET 5.0 security and bugfix update
An update is available for dotnet5.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
CVE-2022-219862
A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service...
Dotnet 代码问题漏洞
Dotnet is an open source http web framework. A code issue vulnerability exists in Dotnet that stems from an error in the HTTP header of the product's ASP.NET Core Krestel component. An attacker could cause a denial of service via this vulnerability...
Denial Of Service (DoS)
dotnet is vulnerable to denial of service DoS. The vulnerability exists through ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2...
dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2
A flaw was found in dotnet. Running callbacks outside of locks results in Krestel deadlock using HTTP2. The highest threat from this vulnerability is to system availability...