MiracleLinux 9 : dotnet8.0-8.0.110-1.el9_4.ML.1 (AXSA:2024-8897:18)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8897:18 advisory. dotnet: kestrel: closing an HTTP/3 stream can cause a race condition and lead to remote code execution CVE-2024-38229 dotnet: Multiple .NET componen...

MiracleLinux 9 : dotnet8.0-8.0.107-1.el9_4.ML.1 (AXSA:2024-8561:13)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8561:13 advisory. dotnet: DoS in System.Text.Json CVE-2024-30105 dotnet: DoS in ASP.NET Core 8 CVE-2024-35264 dotnet: DoS when parsing X.509 Content and...

RockyLinux 8 : .NET 6.0 (RLSA-2024:7851)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:7851 advisory. dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList CVE-2024-43484 dotnet: Multiple .NET components susceptible to hash flooding...

Important: Red Hat Security Advisory: .NET 6.0 security update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, and Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support. Red Hat Product Security has rated this update as...

AlmaLinux 9 : .NET 6.0 (ALSA-2024:7867)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7867 advisory. dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList CVE-2024-43484 dotnet: Denial of Service in System.Text.Json CVE-2024-43485 dotnet...

AlmaLinux 8 : .NET 6.0 (ALSA-2024:7851)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7851 advisory. dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList CVE-2024-43484 dotnet: Multiple .NET components susceptible to hash flooding...

Important: Red Hat Security Advisory: .NET 6.0 security update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in System.Text.Json 6.0.x and 8.0.x. This advisory also provides guidance on what developers can do to...

GHSA-8G4Q-XG66-9FP4 Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in System.Text.Json 6.0.x and 8.0.x. This advisory also provides guidance on what developers can do to...

ROS-20240719-04

A vulnerability in the Microsoft .NET software platform and Microsoft software development tool Microsoft Visual Studio is related to post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability...

RLSA-2024:4450 Important: dotnet8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.107 and Runtime 8.0.7. Security...

dotnet8.0 security update

An update is available for dotnet8.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

RLSA-2024:4451 Important: dotnet8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.107 and Runtime 8.0.7. Security...

Rocky Linux 9 : dotnet8.0 (RLSA-2024:4450)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4450 advisory. dotnet: DoS in System.Text.Json CVE-2024-30105 dotnet: DoS in ASP.NET Core 8 CVE-2024-35264 dotnet: DoS when parsing X.509 Content and ObjectIdentifiers...

AlmaLinux 9 : dotnet8.0 (ALSA-2024:4450)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4450 advisory. dotnet: DoS in System.Text.Json CVE-2024-30105 dotnet: DoS in ASP.NET Core 8 CVE-2024-35264 dotnet: DoS when parsing X.509 Content and ObjectIdentifiers...

AlmaLinux 8 : dotnet8.0 (ALSA-2024:4451)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4451 advisory. dotnet: DoS in System.Text.Json CVE-2024-30105 dotnet: DoS in ASP.NET Core 8 CVE-2024-35264 dotnet: DoS when parsing X.509 Content and ObjectIdentifiers...

Denial Of Service (DoS)

System.Text.Json is vulnerable to Denial of Service DoS. The vulnerability is due to the JsonSerializer.DeserializeAsyncEnumerable method, which can result in Denial of Service when deserializing crafted input...

RHEL 9 : dotnet8.0 (RHSA-2024:4450)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4450 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

Important: dotnet8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.107 and Runtime 8.0.7. Security...

Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0. This advisory also provides guidance on what developers can do to update their applications t...