CVE-2021-31204 log
| Source |
|
| Severity | Medium |
| Remote | No |
| Type | Privilege escalation |
| Description | An elevation of privilege vulnerability exists in .NET 5.0 and .NET Core 3.1 when a user runs a single file application on operating systems based on Linux or macOS. The issue is fixed in .NET 5.0, Runtime 5.0.6 and SDK 5.0.203, as well as .NET Core 3.1, Runtime 3.1.15 and SDK 3.1.115. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1945 | dotnet-runtime-3.1, dotnet-sdk-3.1 | 3.1.14.sdk114-1 | 3.1.15.sdk115-1 | Medium | Fixed | |
| AVG-1944 | dotnet-runtime, dotnet-sdk | 5.0.5.sdk202-1 | 5.0.6.sdk203-1 | Medium | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 25 May 2021 | ASA-202105-23 | AVG-1945 | dotnet-sdk-3.1 | Medium | privilege escalation |
| 25 May 2021 | ASA-202105-22 | AVG-1945 | dotnet-runtime-3.1 | Medium | privilege escalation |
| 25 May 2021 | ASA-202105-21 | AVG-1944 | dotnet-runtime | Medium | privilege escalation |
| 25 May 2021 | ASA-202105-20 | AVG-1944 | dotnet-sdk | Medium | privilege escalation |
| References |
|---|
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31204 https://github.com/dotnet/announcements/issues/185 |