Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 24 results


CVE-2024-43485

Medium priority
Vulnerable

Denial of Service attack against System.Text.Json ExtensionData feature.

4 affected packages

dotnet6, dotnet7, dotnet8, dotnet9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Vulnerable Not in release Not in release Not in release
dotnet7 Not in release Ignored Not in release Not in release Not in release
dotnet8 Vulnerable Vulnerable Not in release Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2024-43484

Medium priority
Vulnerable

System.IO.Packaging - Multiple DoS vectors in use of SortedList.

4 affected packages

dotnet6, dotnet7, dotnet8, dotnet9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Vulnerable Not in release Not in release Not in release
dotnet7 Not in release Ignored Not in release Not in release Not in release
dotnet8 Vulnerable Vulnerable Not in release Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2024-43483

Medium priority
Vulnerable

Multiple .NET components designed to process hostile input are susceptible to hash flooding attacks.

4 affected packages

dotnet6, dotnet7, dotnet8, dotnet9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Vulnerable Not in release Not in release Not in release
dotnet7 Not in release Ignored Not in release Not in release Not in release
dotnet8 Vulnerable Vulnerable Not in release Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2024-38229

Medium priority
Vulnerable

Kestrel http/3 - When closing an HTTP/3 stream while application code is writing to the response body, a race condition may lead to remote code execution.

4 affected packages

dotnet6, dotnet7, dotnet8, dotnet9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Not affected Not in release Not in release Not in release
dotnet7 Not in release Ignored Not in release Not in release Not in release
dotnet8 Vulnerable Vulnerable Not in release Not in release Not in release
dotnet9 Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2024-38168

Medium priority
Not affected

.NET and Visual Studio Denial of Service Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Not affected Not in release Not in release Not in release
dotnet7 Not in release Not affected Not in release Not in release Not in release
dotnet8 Not affected Not affected Not in release Not in release Not in release
Show less packages

CVE-2024-38167

Medium priority

Some fixes available 2 of 3

.NET and Visual Studio Information Disclosure Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Not affected Not in release Not in release Not in release
dotnet7 Not in release Ignored Not in release Not in release Not in release
dotnet8 Fixed Fixed Not in release Not in release Not in release
Show less packages

CVE-2024-38095

Medium priority

Some fixes available 5 of 7

.NET and Visual Studio Denial of Service Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Fixed Not in release Not in release Not in release
dotnet7 Not in release Ignored Not in release Not in release Not in release
dotnet8 Fixed Fixed Not in release Not in release Not in release
Show less packages

CVE-2024-38081

Medium priority
Ignored

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Not affected Not in release Not in release Not in release
dotnet7 Not in release Ignored Not in release Not in release Not in release
dotnet8 Not affected Not affected Not in release Not in release Not in release
Show less packages

CVE-2024-35264

Medium priority

Some fixes available 3 of 5

.NET and Visual Studio Remote Code Execution Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Not affected Not in release Not in release Not in release
dotnet7 Not in release Ignored Not in release Not in release Not in release
dotnet8 Fixed Fixed Not in release Not in release Not in release
Show less packages

CVE-2024-30105

Medium priority

Some fixes available 3 of 5

.NET Core and Visual Studio Denial of Service Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Not affected Not in release Not in release Not in release
dotnet7 Not in release Ignored Not in release Not in release Not in release
dotnet8 Fixed Fixed Not in release Not in release Not in release
Show less packages