---

CVE-2021-26701 - log back

CVE-2021-26701 edited at 26 Mar 2021 17:20:48

Description

- A remote code execution vulnerability exists in .NET 5.0 before Runtime 5.0.4 and SDK 5.0.104 as well as .NET Core 3.1 before Runtime 3.1.13 and SDK 3.1.113 due to how text encoding is performed. + A remote code execution vulnerability exists in .NET 5.0 before Runtime 5.0.4 and SDK 5.0.104 as well as .NET Core 3.1 before Runtime 3.1.13 and SDK 3.1.113 due to how text encoding is performed in the System.Text.Encodings.Web package, caused by a buffer overrun.

CVE-2021-26701 edited at 26 Mar 2021 17:19:48
Remote	- Local + Remote

CVE-2021-26701 edited at 16 Mar 2021 19:50:52
Description	- A remote code execution vulnerability exists in .NET 5 and .NET Core due to how text encoding is performed. + A remote code execution vulnerability exists in .NET 5.0 before Runtime 5.0.4 and SDK 5.0.104 as well as .NET Core 3.1 before Runtime 3.1.13 and SDK 3.1.113 due to how text encoding is performed.

CVE-2021-26701 edited at 09 Mar 2021 18:09:56
Severity	- Medium + High

CVE-2021-26701 edited at 09 Mar 2021 18:09:36
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ A remote code execution vulnerability exists in .NET 5 and .NET Core due to how text encoding is performed.
References	+ https://msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701 + https://github.com/dotnet/announcements/issues/178

CVE-2021-26701 created at 09 Mar 2021 18:07:11
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes