Brennan Conroy discovered that the .NET Kestrel web server did not
properly handle closing HTTP/3 streams under certain circumstances. An
attacker could possibly use this issue to achieve remote code execution.
This vulnerability only impacted .NET8. (CVE-2024-38229)
It was discovered that .NET components designed to process malicious input
were susceptible to hash flooding attacks. An attacker could possibly use
this issue to cause a denial of service, resulting in a crash.
(CVE-2024-43483)
It was discovered that the .NET System.IO.Packaging namespace did not
properly process SortedList data structures. An attacker could possibly
use this issue to cause a denial of service, resulting in a crash.
(CVE-2024-43484)
It was discovered that .NET did not properly handle the deserialization of
of certain JSON properties. An attacker could possibly use this issue to
cause a denial of service, resulting in a crash. (CVE-2024-43485)
More Stories
python-virtualenv-20.21.1-25.el10_0~bootstrap
FEDORA-EPEL-2024-34cd7a65de Packages in this update: python-virtualenv-20.21.1-25.el10_0~bootstrap Update description: Prevent command injection by quoting template strings in activation scripts Read More
python-virtualenv-20.21.1-25.fc41
FEDORA-2024-89014f5794 Packages in this update: python-virtualenv-20.21.1-25.fc41 Update description: Prevent command injection by quoting template strings in activation scripts Read More
python-virtualenv-20.21.1-25.fc40
FEDORA-2024-112e897674 Packages in this update: python-virtualenv-20.21.1-25.fc40 Update description: Prevent command injection by quoting template strings in activation scripts Read More
python-virtualenv-20.21.1-25.fc39
FEDORA-2024-f7d6b76677 Packages in this update: python-virtualenv-20.21.1-25.fc39 Update description: Prevent command injection by quoting template strings in activation scripts Read More
USN-7057-2: WEBrick vulnerability
USN-7057-1 fixed a vulnerability in WEBrick. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It...
koji-1.35.1-1.el8
FEDORA-EPEL-2024-a09b624fa1 Packages in this update: koji-1.35.1-1.el8 Update description: Update to 1.35.1. Includes fix for CVE-2024-9427 Read More