Oracle Linux 8 : .NET / 8.0 (ELSA-2024-0150)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0150 advisory. 8.0.101-1.0.1 - Add support for Oracle Linux - Update to .NET SDK 8.0.101 and Runtime 8.0.1 Tenable has extracted the preceding description block...

CentOS 8 : .NET 8.0 (CESA-2024:0150)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0150 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and...

Amazon Linux 2023 : aspnetcore-runtime-6.0, aspnetcore-targeting-pack-6.0, dotnet (ALAS2023-2024-489)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-489 advisory. Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 NET, .NET Framework, and Visual Studio Security Feature Bypass...

CentOS 8 : .NET 6.0 (CESA-2024:0158)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0158 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and...

CentOS 8 : .NET 7.0 (CESA-2024:0157)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0157 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and...

Oracle Linux 9 : .NET / 8.0 (ELSA-2024-0152)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0152 advisory. 8.0.101-1.0.1 - Update to .NET SDK 8.0.101 and Runtime 8.0.1 Tenable has extracted the preceding description block directly from the Oracle Linux...

RHEL 7 : .NET 6.0 (RHSA-2024:0255)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0255 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

RLSA-2024:0158 Important: .NET 6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.126 and .NET Runtime 6.0.26...

AlmaLinux 9 : .NET 6.0 (ALSA-2024:0156)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0156 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and Visu...

AlmaLinux 8 : .NET 6.0 (ALSA-2024:0158)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0158 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and Visu...

Rocky Linux 8 : .NET 6.0 (RLSA-2024:0158)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0158 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and...

Important: Red Hat Security Advisory: .NET 7.0 security update

An update for .NET 7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Security Updates for Microsoft .NET Framework (January 2024)

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows: - Denial of service vulnerability in Microsoft .NET Framework. CVE-2023-36042, CVE-2024-21312 - Security feature bypass in...

Microsoft.Data.SqlClient and System.Data.SqlClient vulnerable to SQL Data Provider Security Feature Bypass

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability...

CVE-2024-0056

CVE-2024-0056 affects Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider security feature bypass. CVSS v3.1 base score 8.7 (NETWORK, HIGH impact on confidentiality and integrity, no availability impact) per Microsoft, with CVSS v4 score 8.8 indicating high impact. Descriptions i...

CVE-2024-0056

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability...

Microsoft .NET Framework Information Disclosure Vulnerability (KB5020689)

This host is missing an important security update according to Microsoft KB5020689 Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Security Updates for Microsoft .NET Framework (November 2022)

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by an information disclosure vulnerability in the System.Data.SqlClient and Microsoft.Data.SqlClient packages. A timeout occurring under high load can cause incorrect data to be...

GHSA-8G2P-5PQH-5JMC .NET Information Disclosure Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET, .NET Core and .NET Framework's System.Data.SqlClient and Microsoft.Data.SqlClient NuGet Packages. A vulnerability exists in System.Data.SqlClient and Microsoft.Data.SqlClient libraries where a...

November 8, 2022-Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 (KB5020680)

November 8, 2022-Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 KB5020680 Applies to: Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Microsoft .NET Framework 4.8 IMPORTANT ...