4 matches found
CVE-2026-54772
CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, an unauthenticated remote attacker that can reach a NetTcpBinding, NetNamedPipeBinding, or UnixDomainSocketBinding endpoint can trigger premature EOF handling in the CoreWCF...
CVE-2026-54772
CoreWCF (net.tcp/net.pipe/net.uds) prior to versions 1.8.1 and 1.9.1 is affected. An unauthenticated remote attacker can trigger premature EOF handling in the framing handshake, causing one server thread-pool worker to be pinned at 100% CPU per connection and potentially exhausting CPU with multi...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop through the preamble decode loop in DuplexFramingMiddleware and SingletonFramingMiddleware, with the same end-of-stream handling issue in RawStream.ReadAsyncInternal. An attacker can keep a server connection open...
PT-2024-22368 · Corewcf · Corewcf
Name of the Vulnerable Software and Affected Versions: CoreWCF versions prior to 1.4.2 CoreWCF versions prior to 1.5.2 Description: The issue affects NetFraming based CoreWCF services, where extra system resources could be consumed by connections being left established instead of closing or...