4 matches found
MiracleLinux 8 : dotnet6.0-6.0.118-1.el8.ML.1 (AXSA:2023-6205:16)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6205:16 advisory. dotnet: .NET Kestrel: Denial of Service processing X509 Certificates CVE-2023-29331 dotnet: vulnerability exists in NuGet where a potential race...
USN-6161-2 dotnet6, dotnet7 regression
USN-6161-1 fixed vulnerabilities in .NET. The update introduced a regression with regards to how the runtime imported X.509 certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that .NET did not properly enforce certain...
dotnet: vulnerability exists in NuGet where a potential race condition can lead to a symlink attack
A vulnerability was found in dotnet. This issue exists in NuGet where a potential race condition can lead to a symlink attack...
USN-6161-1 dotnet6, dotnet7 vulnerabilities
It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. CVE-2023-24936 Kevin Jones discovered that .NET did not properly handle the AIA fetching process for...