CVE-2021-34532 - log back

CVE-2021-34532 edited at 11 Aug 2021 06:30:32
Remote
- Remote
+ Local
References
+ https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34532
https://github.com/dotnet/announcements/issues/195
Notes
CVE-2021-34532 edited at 11 Aug 2021 06:26:28
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ An information disclosure vulnerability exists in .NET 5.0 before Runtime 5.0.9 and SDK 5.0.206 as well as .NET Core 3.1 before Runtime 3.1.18 and SDK 3.1.118 where a JWT token is logged if it cannot be parsed.
References
+ https://github.com/dotnet/announcements/issues/195
CVE-2021-34532 created at 11 Aug 2021 06:19:38