CVE-2024-35264

2024-07-0900:00:00

ubuntu.com

denial of service

asp.net core 8

cve-2024-35264

vulnerability

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.001

Percentile

44.8%

JSON

.NET and Visual Studio Remote Code Execution Vulnerability

Notes

Author	Note
iconstantin	.NET 7 is end of life upstream.

OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchdotnet8< 8.0.107-8.0.7-0ubuntu1~22.04.1UNKNOWN
ubuntu23.10noarchdotnet8< 8.0.107-8.0.7-0ubuntu1~23.10.1UNKNOWN
ubuntu24.04noarchdotnet8< 8.0.107-8.0.7-0ubuntu1~24.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	22.04	noarch	dotnet8	< 8.0.107-8.0.7-0ubuntu1~22.04.1	UNKNOWN
ubuntu	23.10	noarch	dotnet8	< 8.0.107-8.0.7-0ubuntu1~23.10.1	UNKNOWN
ubuntu	24.04	noarch	dotnet8	< 8.0.107-8.0.7-0ubuntu1~24.04.1	UNKNOWN