CVE-2021-26701

CRITICAL9.8EPSS 2.8%

.NET Core Remote Code Execution Vulnerability

Published: 4/21/2021Modified: 5/20/2025

Also known as:GHSA-ghhp-997w-qr28BIT-dotnet-2021-26701BIT-dotnet-sdk-2021-26701

Description

.NET Core Remote Code Execution Vulnerability

Affected packages (3)

Bitnami/dotnet>= 5.0.0, < 5.0.4
Bitnami/dotnet-sdk>= 5.0.0, < 5.0.4
NuGet/System.Text.Encodings.Web>= 4.0.0, < 4.5.1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (21)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-26701
WEBhttps://github.com/dotnet/announcements/issues/178
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5/
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TW3ZSJTTMZAFKGW7NJWTVVFZUYYU2SJZ
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TW3ZSJTTMZAFKGW7NJWTVVFZUYYU2SJZ/
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBOSSX7U6BSHV5RI74FCOW4ITJ5RRJR5
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBOSSX7U6BSHV5RI74FCOW4ITJ5RRJR5/
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WA5WQJVHUL5C4XMJTLY3C67R4WP35EF4
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WA5WQJVHUL5C4XMJTLY3C67R4WP35EF4/
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPUKFHIGP5YNJRRFWKDJ2XRS4WTFJNNK
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPUKFHIGP5YNJRRFWKDJ2XRS4WTFJNNK/
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YLFATXASXW4OV2ZBSRP4G55HJH73QPBP
WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YLFATXASXW4OV2ZBSRP4G55HJH73QPBP/
WEBhttps://lists.fedoraproject.org/archives/list/[email protected]/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5
WEBhttps://lists.fedoraproject.org/archives/list/[email protected]/message/TW3ZSJTTMZAFKGW7NJWTVVFZUYYU2SJZ
WEBhttps://lists.fedoraproject.org/archives/list/[email protected]/message/UBOSSX7U6BSHV5RI74FCOW4ITJ5RRJR5
WEBhttps://lists.fedoraproject.org/archives/list/[email protected]/message/WA5WQJVHUL5C4XMJTLY3C67R4WP35EF4
WEBhttps://lists.fedoraproject.org/archives/list/[email protected]/message/XPUKFHIGP5YNJRRFWKDJ2XRS4WTFJNNK
WEBhttps://lists.fedoraproject.org/archives/list/[email protected]/message/YLFATXASXW4OV2ZBSRP4G55HJH73QPBP
WEBhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701