vulnerability
Oracle Linux: CVE-2024-43483: ELSA-2024-7868: .NET 8.0 security update (IMPORTANT) (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Oct 8, 2024 | Oct 16, 2024 | Jan 7, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Oct 8, 2024
Added
Oct 16, 2024
Modified
Jan 7, 2025
Description
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
A flaw was found in dotnet. The System.Security.Cryptography.Cose, System.IO.Packaging and System.Runtime.Caching components may be exposed to hostile input, making them susceptible to hash flooding attacks, resulting in denial of service.
A flaw was found in dotnet. The System.Security.Cryptography.Cose, System.IO.Packaging and System.Runtime.Caching components may be exposed to hostile input, making them susceptible to hash flooding attacks, resulting in denial of service.
Solution(s)
oracle-linux-upgrade-aspnetcore-runtime-6-0oracle-linux-upgrade-aspnetcore-runtime-8-0oracle-linux-upgrade-aspnetcore-runtime-dbg-8-0oracle-linux-upgrade-aspnetcore-targeting-pack-6-0oracle-linux-upgrade-aspnetcore-targeting-pack-8-0oracle-linux-upgrade-dotnetoracle-linux-upgrade-dotnet-apphost-pack-6-0oracle-linux-upgrade-dotnet-apphost-pack-8-0oracle-linux-upgrade-dotnet-hostoracle-linux-upgrade-dotnet-hostfxr-6-0oracle-linux-upgrade-dotnet-hostfxr-8-0oracle-linux-upgrade-dotnet-runtime-6-0oracle-linux-upgrade-dotnet-runtime-8-0oracle-linux-upgrade-dotnet-runtime-dbg-8-0oracle-linux-upgrade-dotnet-sdk-6-0oracle-linux-upgrade-dotnet-sdk-6-0-source-built-artifactsoracle-linux-upgrade-dotnet-sdk-8-0oracle-linux-upgrade-dotnet-sdk-8-0-source-built-artifactsoracle-linux-upgrade-dotnet-sdk-dbg-8-0oracle-linux-upgrade-dotnet-targeting-pack-6-0oracle-linux-upgrade-dotnet-targeting-pack-8-0oracle-linux-upgrade-dotnet-templates-6-0oracle-linux-upgrade-dotnet-templates-8-0oracle-linux-upgrade-netstandard-targeting-pack-2-1

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.