Search CVE reports
11 – 20 of 20 results
CVE-2024-21392
Medium priority.NET and Visual Studio Denial of Service Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | — | Not affected | Not in release | Not in release | Not in release |
| dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet8 | — | Fixed | Not in release | Not in release | Not in release |
CVE-2024-21404
Medium priority.NET Denial of Service Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet8 | — | Fixed | Not in release | Not in release | Not in release |
CVE-2024-21386
Medium priority.NET Denial of Service Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet8 | — | Fixed | Not in release | Not in release | Not in release |
CVE-2024-21319
Medium priorityMicrosoft Identity Denial of service vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2024-0057
Medium priorityNET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2024-0056
Medium priorityMicrosoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | — | Not affected | Not in release | Not in release | Not in release |
| dotnet7 | — | Not affected | Not in release | Not in release | Not in release |
| dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2023-36558
Medium priorityASP.NET Core - Security Feature Bypass Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2023-36049
Medium priority.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | — | Fixed | Not in release | Not in release | Not in release |
| dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2023-36038
Medium priorityASP.NET Core Denial of Service Vulnerability
3 affected packages
dotnet6, dotnet7, dotnet8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | — | Not affected | Not in release | Not in release | Not in release |
| dotnet7 | — | Not affected | Not in release | Not in release | Not in release |
| dotnet8 | — | Not affected | Not in release | Not in release | Not in release |
CVE-2023-44487
High prioritySome fixes available 24 of 78
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
26 affected packages
dotnet6, dotnet7, dotnet8, golang, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Fixed | Not in release | Not in release | Not in release |
| dotnet8 | Fixed | Not affected | Not in release | Not in release | Not in release |
| golang | Not in release | Not in release | Not in release | Not in release | Not in release |
| golang-1.10 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | Not in release | Not in release |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
| golang-1.17 | Not in release | Needs evaluation | Not in release | Not in release | Not in release |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.19 | Not in release | Not in release | Not in release | Not in release | Not in release |
| golang-1.20 | Not in release | Fixed | Fixed | Not in release | Not in release |
| golang-1.21 | Not affected | Fixed | Fixed | Not in release | Not in release |
| golang-1.6 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| golang-1.8 | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
| golang-1.9 | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
| h2o | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| haproxy | Not affected | Not affected | Not affected | Needs evaluation | Not affected |
| netty | Not affected | Fixed | Fixed | Not affected | Not affected |
| nghttp2 | Not affected | Fixed | Fixed | Fixed | Fixed |
| nginx | Not affected | Not affected | Not affected | Not affected | Not affected |
| nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tomcat10 | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
| tomcat8 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
| tomcat9 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |