CVE-2021-1723 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A flaw was found in dotnet-core before version 3.1.11. Running callbacks outside of locks results in Krestel deadlock using HTTP2.
Group Package Affected Fixed Severity Status Ticket
AVG-1449 dotnet-runtime, dotnet-sdk 3.1.8.sdk108-1 Medium Vulnerable FS#69317
References
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1723
https://github.com/dotnet/announcements/issues/170
https://github.com/dotnet/aspnetcore/commit/20ad9fa5dcde635c13c6c83806c4701d5b7ec21e