dotnet-runtime

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description The .NET Core runtime
Version 5.0.5.sdk202-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1698 5.0.3.sdk103-2 5.0.4.sdk104-1 High Fixed FS#69317
AVG-1449 3.1.8.sdk108-1 5.0.3.sdk103-2 High Fixed FS#69317
Issue Group Severity Remote Type Description
CVE-2021-26701 AVG-1698 High Yes Arbitrary code execution
A remote code execution vulnerability exists in .NET 5.0 before Runtime 5.0.4 and SDK 5.0.104 as well as .NET Core 3.1 before Runtime 3.1.13 and SDK 3.1.113...
CVE-2021-24112 AVG-1449 High No Arbitrary code execution
A remote code execution vulnerability exists in dotnet-core before version 3.1.12 when parsing certain types of graphics files. This vulnerability only...
CVE-2021-1723 AVG-1449 Medium Yes Denial of service
A flaw was found in dotnet-core before version 3.1.11. Running callbacks outside of locks results in Krestel deadlock using HTTP2.
CVE-2021-1721 AVG-1449 Medium Yes Denial of service
A security issue was found in dotnet-core before version 3.1.12. A denial-of-service vulnerability exists when creating HTTPS web request during X509...

Advisories

Date Advisory Group Severity Type
25 Mar 2021 ASA-202103-20 AVG-1698 High arbitrary code execution
25 Mar 2021 ASA-202103-16 AVG-1449 High multiple issues