dotnet-sdk-3.1

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description The .NET Core SDK
Version 3.1.17.sdk117-1 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-2278 3.1.17.sdk117-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-34532 AVG-2278 Medium No Information disclosure
An information disclosure vulnerability exists in .NET 5.0 before Runtime 5.0.9 and SDK 5.0.206 as well as .NET Core 3.1 before Runtime 3.1.18 and SDK...
CVE-2021-34485 AVG-2278 Medium No Information disclosure
An information disclosure vulnerability exists in .NET 5.0 before Runtime 5.0.9 and SDK 5.0.206 as well as .NET Core 3.1 before Runtime 3.1.18 and SDK...
CVE-2021-26423 AVG-2278 Medium Yes Denial of service
A denial of service vulnerability exists in .NET 5.0 before Runtime 5.0.9 and SDK 5.0.206 as well as .NET Core 3.1 before Runtime 3.1.18 and SDK 3.1.118...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1945 3.1.14.sdk114-1 3.1.15.sdk115-1 Medium Fixed
AVG-1701 3.1.12.sdk112-3 3.1.13.sdk113-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-31204 AVG-1945 Medium No Privilege escalation
An elevation of privilege vulnerability exists in .NET 5.0 and .NET Core 3.1 when a user runs a single file application on operating systems based on Linux...
CVE-2021-26701 AVG-1701 High Yes Arbitrary code execution
A remote code execution vulnerability exists in .NET 5.0 before Runtime 5.0.4 and SDK 5.0.104 as well as .NET Core 3.1 before Runtime 3.1.13 and SDK 3.1.113...

Advisories

Date Advisory Group Severity Type
25 May 2021 ASA-202105-23 AVG-1945 Medium privilege escalation
25 Mar 2021 ASA-202103-23 AVG-1701 High arbitrary code execution