Search CVE reports
1 – 3 of 3 results
Some fixes available 7 of 9
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| dotnet6 | Not in release | Needs evaluation | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Not in release | Not in release | Not in release | Not in release |
Some fixes available 6 of 8
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| dotnet6 | Not in release | Needs evaluation | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Not in release | Not in release | Not in release | Not in release |
Some fixes available 7 of 9
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| dotnet6 | Not in release | Needs evaluation | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Not in release | Not in release | Not in release | Not in release |