CVE-2024-0056

描述

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

受影響套件(4)

• Bitnami/dotnet>= 6.0.0, < 6.0.26, >= 7.0.0, < 7.0.15, >= 8.0.0, < 8.0.1
• Bitnami/dotnet-sdk>= 6.0.0, < 6.0.26, >= 7.0.0, < 7.0.15, >= 8.0.0, < 8.0.1
• NuGet/Microsoft.Data.SqlClientfrom 0, < 2.1.7
• NuGet/System.Data.SqlClientfrom 0, < 4.8.6

CVSS 分數

參考連結(3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-0056
• WEBhttps://github.com/dotnet/announcements/issues/292
• WEBhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056