Описание
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| .NET Core 2.0 on Red Hat Enterprise Linux | rh-dotnet20-dotnet | Out of support scope | ||
| .NET Core 2.1 on Red Hat Enterprise Linux | rh-dotnet21-dotnet | Not affected | ||
| .NET Core on Red Hat Enterprise Linux | rh-dotnetcore10-dotnetcore | Fixed | RHSA-2018:2902 | 10.10.2018 |
| .NET Core on Red Hat Enterprise Linux | rh-dotnetcore11-dotnetcore | Fixed | RHSA-2018:2902 | 10.10.2018 |
| .NET Core on Red Hat Enterprise Linux | rh-dotnetcore10-dotnetcore | Fixed | RHSA-2018:2902 | 10.10.2018 |
| .NET Core on Red Hat Enterprise Linux | rh-dotnetcore11-dotnetcore | Fixed | RHSA-2018:2902 | 10.10.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.4 High
CVSS3
Связанные уязвимости
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.
Уязвимость программного средства .NET Core и расширяемого средства автоматизации PowerShell Core, связанная с ошибками процедуры аутентификации, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
7.4 High
CVSS3