vulnerability

Red Hat: CVE-2024-43498: dotnet: Type confusion vulnerability leads to AV in .NET Core NrbfDecoder component (Multiple Advisories)

Name: Red Hat: CVE-2024-43498: dotnet: Type confusion vulnerability leads to AV in .NET Core NrbfDecoder component (Multiple Advisories)
Creator: Red Hat
Published: 2024-11-12T00:00:00.000Z

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Nov 12, 2024

Added

Nov 27, 2024

Modified

Jun 17, 2026

Description

.NET and Visual Studio Remote Code Execution Vulnerability

Solutions

redhat-upgrade-aspnetcore-runtime-9-0redhat-upgrade-aspnetcore-runtime-dbg-9-0redhat-upgrade-aspnetcore-targeting-pack-9-0redhat-upgrade-dotnet-apphost-pack-9-0redhat-upgrade-dotnet-apphost-pack-9-0-debuginforedhat-upgrade-dotnet-hostredhat-upgrade-dotnet-host-debuginforedhat-upgrade-dotnet-hostfxr-9-0redhat-upgrade-dotnet-hostfxr-9-0-debuginforedhat-upgrade-dotnet-runtime-9-0redhat-upgrade-dotnet-runtime-9-0-debuginforedhat-upgrade-dotnet-runtime-dbg-9-0redhat-upgrade-dotnet-sdk-9-0redhat-upgrade-dotnet-sdk-9-0-debuginforedhat-upgrade-dotnet-sdk-9-0-source-built-artifactsredhat-upgrade-dotnet-sdk-aot-9-0redhat-upgrade-dotnet-sdk-aot-9-0-debuginforedhat-upgrade-dotnet-sdk-dbg-9-0redhat-upgrade-dotnet-targeting-pack-9-0redhat-upgrade-dotnet-templates-9-0redhat-upgrade-dotnet9-0-debuginforedhat-upgrade-dotnet9-0-debugsourceredhat-upgrade-netstandard-targeting-pack-2-1

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report