Search CVE reports
21 – 26 of 26 results
CVE-2024-0057
Medium priorityNET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dotnet6 | — | Fixed | Not in release | Not in release | Not in release |
dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2024-0056
Medium priorityMicrosoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dotnet6 | — | Not affected | Not in release | Not in release | Not in release |
dotnet7 | — | Not affected | Not in release | Not in release | Not in release |
dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2023-36558
Medium priorityASP.NET Core - Security Feature Bypass Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dotnet6 | — | Fixed | Not in release | Not in release | Not in release |
dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2023-36049
Medium priority.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dotnet6 | — | Fixed | Not in release | Not in release | Not in release |
dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2023-36038
Medium priorityASP.NET Core Denial of Service Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dotnet6 | — | Not affected | Not in release | Not in release | Not in release |
dotnet7 | — | Not affected | Not in release | Not in release | Not in release |
dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2023-44487
High prioritySome fixes available 18 of 56
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
13 affected packages
dotnet6, dotnet7, dotnet8, h2o, haproxy...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dotnet6 | Not in release | Fixed | Not in release | Not in release | Not in release |
dotnet7 | Not in release | Fixed | Not in release | Not in release | Not in release |
dotnet8 | Fixed | Not affected | Not in release | Not in release | Not in release |
h2o | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
haproxy | Not affected | Not affected | Not affected | Fixed | Not affected |
netty | Not affected | Fixed | Fixed | Not affected | Not affected |
nghttp2 | Not affected | Fixed | Fixed | Fixed | Fixed |
nginx | Not affected | Not affected | Not affected | Not affected | Not affected |
nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tomcat10 | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
tomcat8 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
tomcat9 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |