vulnerability
Oracle Linux: CVE-2020-0603: ELSA-2020-0130: .NET Core on Red Hat Enterprise Linux security and bug fix update (CRITICAL)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Jan 14, 2020 | Jan 21, 2020 | Dec 3, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Jan 14, 2020
Added
Jan 21, 2020
Modified
Dec 3, 2025
Description
A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.
A memory corruption flaw was found in ASP.NET core. A client can write to freed memory on the server which could result in undefined behavior. An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code by sending specially crafted requests to an ASP.NET Core application.
A memory corruption flaw was found in ASP.NET core. A client can write to freed memory on the server which could result in undefined behavior. An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code by sending specially crafted requests to an ASP.NET Core application.
Solutions
oracle-linux-upgrade-aspnetcore-runtime-3-0oracle-linux-upgrade-aspnetcore-targeting-pack-3-0oracle-linux-upgrade-dotnetoracle-linux-upgrade-dotnet-apphost-pack-3-0oracle-linux-upgrade-dotnet-hostoracle-linux-upgrade-dotnet-hostfxr-3-0oracle-linux-upgrade-dotnet-runtime-3-0oracle-linux-upgrade-dotnet-sdk-3-0oracle-linux-upgrade-dotnet-targeting-pack-3-0oracle-linux-upgrade-dotnet-templates-3-0oracle-linux-upgrade-netstandard-targeting-pack-2-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.