CVE-2021-1723 - log back

CVE-2021-1723 edited at 13 Jan 2021 21:49:49
Severity
- Low
+ Medium
CVE-2021-1723 edited at 13 Jan 2021 21:47:05
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A flaw was found in dotnet-core before version 3.1.11. Running callbacks outside of locks results in Krestel deadlock using HTTP2.
References
+ https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1723
+ https://github.com/dotnet/announcements/issues/170
+ https://github.com/dotnet/aspnetcore/commit/20ad9fa5dcde635c13c6c83806c4701d5b7ec21e
Notes
CVE-2021-1723 created at 13 Jan 2021 21:42:32