CVE-2021-24112 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Arbitrary code execution
Description	A remote code execution vulnerability exists in dotnet-core before version 3.1.12 when parsing certain types of graphics files. This vulnerability only exists on systems running on MacOS or Linux.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1449	dotnet-runtime, dotnet-sdk	3.1.8.sdk108-1	5.0.3.sdk103-2	High	Fixed	FS#69317

Date	Advisory	Group	Package	Severity	Type
25 Mar 2021	ASA-202103-17	AVG-1449	dotnet-sdk	High	multiple issues
25 Mar 2021	ASA-202103-16	AVG-1449	dotnet-runtime	High	multiple issues

References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24112 https://github.com/dotnet/announcements/issues/176