AVG-1449 log

Package dotnet-runtime, dotnet-sdk
Status Fixed
Severity High
Type multiple issues
Affected 3.1.8.sdk108-1
Fixed 5.0.3.sdk103-2
Current 5.0.8.sdk205-1 [community]
Ticket FS#69317
Created Wed Jan 13 21:42:32 2021
Issue Severity Remote Type Description
CVE-2021-24112 High No Arbitrary code execution
A remote code execution vulnerability exists in dotnet-core before version 3.1.12 when parsing certain types of graphics files. This vulnerability only...
CVE-2021-1723 Medium Yes Denial of service
A flaw was found in dotnet-core before version 3.1.11. Running callbacks outside of locks results in Krestel deadlock using HTTP2.
CVE-2021-1721 Medium Yes Denial of service
A security issue was found in dotnet-core before version 3.1.12. A denial-of-service vulnerability exists when creating HTTPS web request during X509...
Date Advisory Package Type
25 Mar 2021 ASA-202103-17 dotnet-sdk multiple issues
25 Mar 2021 ASA-202103-16 dotnet-runtime multiple issues