CVE-2024-21386

Description

.NET Denial of Service Vulnerability

Affected packages (13)

• Bitnami/aspnet-core>= 6.0.0, < 6.0.27, >= 7.0.0, < 7.0.16, >= 8.0.0, < 8.0.2
• NuGet/Microsoft.AspNetCore.App.Runtime.linux-armfrom 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm64from 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-armfrom 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64from 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-x64from 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.linux-x64from 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.osx-arm64from 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.osx-x64from 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.win-armfrom 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.win-arm64from 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.win-x64from 0, < 6.0.27
• NuGet/Microsoft.AspNetCore.App.Runtime.win-x86from 0, < 6.0.27

CVSS scores

References (4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-21386
• PATCHhttps://github.com/dotnet/aspnetcore
• WEBhttps://github.com/dotnet/aspnetcore/security/advisories/GHSA-g74q-5xw3-j7q9
• WEBhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21386