Описание
An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory.
To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application.
The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| .NET Core 2.1 on Red Hat Enterprise Linux | rh-dotnet21 | Not affected | ||
| .NET Core 3.1 on Red Hat Enterprise Linux | rh-dotnet31 | Not affected | ||
| Red Hat Enterprise Linux 8 | dotnet | Not affected | ||
| Red Hat Enterprise Linux 8 | dotnet3.1 | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
<p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory.</p> <p>To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application.</p> <p>The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.</p>
<p>An information disclosure vulnerability exists when the .NET Framew ...
An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory, aka '.NET Framework Information Disclosure Vulnerability'.
Уязвимость программной платформы Microsoft .NET Framework, связанная с ошибками обработки объектов в памяти, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
5.5 Medium
CVSS3