MiracleLinux 9 : dotnet6.0-6.0.135-1.el9_4.ML.1 (AXSA:2024-8898:17)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8898:17 advisory. dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList CVE-2024-43484 dotnet: Denial of Service in System.Text.Json CVE-2024-43485...

Denial Of Service (DoS)

System.Text.Json is vulnerable to Denial Of Service DoS. The vulnerability is due to deserializing input to a model with an ExtensionData property, which allows an attacker to consume excessive resources...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

dotnet: Denial of Service in System.Text.Json

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service...

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity involved in processing ExtensionData property data. An attacker can trigger denial of service by passing malicious JSON input to a model that uses this property. Remediation Upgrade System.Text.Json to...

dotnet: DoS in System.Text.Json

A vulnerability was found in .NET. This issue can cause a denial of service in the System.Text.Json deserialization...

dotnet: DoS in System.Text.Json

A vulnerability was found in .NET. This issue can cause a denial of service in the System.Text.Json deserialization...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when using .NET's JsonSerializer.DeserializeAsyncEnumerable function on untrusted input. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and...