---

CVE-2021-26423 - log back

CVE-2021-26423 edited at 11 Aug 2021 06:29:47
References	+ https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26423 https://github.com/dotnet/announcements/issues/194

CVE-2021-26423 edited at 11 Aug 2021 06:23:41
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ A denial of service vulnerability exists in .NET 5.0 before Runtime 5.0.9 and SDK 5.0.206 as well as .NET Core 3.1 before Runtime 3.1.18 and SDK 3.1.118 where .NET (Core) server applications providing WebSocket endpoints could be tricked into endlessly looping while trying to read a single WebSocket frame.
References	+ https://github.com/dotnet/announcements/issues/194
Notes

CVE-2021-26423 created at 11 Aug 2021 06:19:38