Related Vulnerabilities: CVE-2021-26423  

Severity Medium

Remote Yes

Type Denial of service

Description

A denial of service vulnerability exists in .NET 5.0 before Runtime 5.0.9 and SDK 5.0.206 as well as .NET Core 3.1 before Runtime 3.1.18 and SDK 3.1.118 where .NET (Core) server applications providing WebSocket endpoints could be tricked into endlessly looping while trying to read a single WebSocket frame.

AVG-2278 dotnet-runtime-3.1, dotnet-sdk-3.1 3.1.17.sdk117-1 Medium Vulnerable

AVG-2277 dotnet-runtime, dotnet-sdk 5.0.8.sdk205-1 Medium Vulnerable
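
A check for the runtime versions named in the description, as an added example that is not part of the original advisory: it reads `dotnet --list-runtimes` output and reports each `Microsoft.NETCore.App` runtime older than the fixed 3.1.18 or 5.0.9. The function names and the sample lines are constructed for illustration, and a `sort` that supports `-V` (GNU coreutils) is assumed.

```shell
#!/bin/sh
# Added example: flag .NET runtimes below the fixed versions for CVE-2021-26423.
# Real use: dotnet --list-runtimes | vulnerable_runtimes

# version_lt A B: succeed if dotted version A sorts strictly before B.
# sort -V compares numerically per component, so 5.0.10 is not below 5.0.9.
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# fixed_runtime_for VERSION: print the fixed runtime of that release line,
# or nothing when the advisory does not cover the line.
fixed_runtime_for() {
    case "$1" in
        3.1.*) echo 3.1.18 ;;
        5.0.*) echo 5.0.9 ;;
    esac
}

# vulnerable_runtimes: read `dotnet --list-runtimes` output on stdin and print
# "<version> (fixed in <fixed>)" for each affected Microsoft.NETCore.App entry.
vulnerable_runtimes() {
    while read -r name version _rest; do
        [ "$name" = "Microsoft.NETCore.App" ] || continue
        fixed=$(fixed_runtime_for "$version")
        [ -n "$fixed" ] || continue
        if version_lt "$version" "$fixed"; then
            echo "$version (fixed in $fixed)"
        fi
    done
}

# constructed_sample: made-up `dotnet --list-runtimes` output for offline runs.
constructed_sample() {
    cat <<'EOF'
Microsoft.AspNetCore.App 5.0.8 [/usr/share/dotnet/shared/Microsoft.AspNetCore.App]
Microsoft.NETCore.App 3.1.17 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 3.1.18 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 5.0.8 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 5.0.10 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 6.0.0 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
EOF
}
```

Only the shared runtime is checked here; SDK versions are not compared.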

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26423
https://github.com/dotnet/announcements/issues/194