CVE-2021-24112 log

Source
Severity High
Remote No
Type Arbitrary code execution
Description
A remote code execution vulnerability exists in dotnet-core before version 3.1.12 when parsing certain types of graphics files. This vulnerability only exists on systems running on MacOS or Linux.
Group Package Affected Fixed Severity Status Ticket
AVG-1449 dotnet-runtime, dotnet-sdk 3.1.8.sdk108-1 5.0.3.sdk103-2 High Fixed FS#69317
Date Advisory Group Package Severity Type
25 Mar 2021 ASA-202103-17 AVG-1449 dotnet-sdk High multiple issues
25 Mar 2021 ASA-202103-16 AVG-1449 dotnet-runtime High multiple issues
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24112
https://github.com/dotnet/announcements/issues/176