CVE-2021-1723 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	A flaw was found in dotnet-core before version 3.1.11. Running callbacks outside of locks results in Krestel deadlock using HTTP2.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1449	dotnet-runtime, dotnet-sdk	3.1.8.sdk108-1	5.0.3.sdk103-2	High	Fixed	FS#69317

Date	Advisory	Group	Package	Severity	Type
25 Mar 2021	ASA-202103-17	AVG-1449	dotnet-sdk	High	multiple issues
25 Mar 2021	ASA-202103-16	AVG-1449	dotnet-runtime	High	multiple issues

References
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1723 https://github.com/dotnet/announcements/issues/170 https://github.com/dotnet/aspnetcore/commit/20ad9fa5dcde635c13c6c83806c4701d5b7ec21e

References

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1723
https://github.com/dotnet/announcements/issues/170
https://github.com/dotnet/aspnetcore/commit/20ad9fa5dcde635c13c6c83806c4701d5b7ec21e