RLSA-2022:0495

Опубликовано: 09 фев. 2022

Источник: rocky

Оценка: Important

Описание

Important: .NET 5.0 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.211 and .NET Runtime 5.0.14.

Security Fix(es):

dotnet: ASP.NET Core Krestel HTTP headers pooling denial of service (CVE-2022-219862)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Связанные CVE

CVE-2022-21986

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2051490
Red Hat - 2051490

Связанные уязвимости

CVE-2022-21986

CVSS3: 7.5

redhat

почти 4 года назад

.NET Denial of Service Vulnerability

CVE-2022-21986

CVSS3: 7.5

nvd

почти 4 года назад

.NET Denial of Service Vulnerability

CVE-2022-21986

CVSS3: 7.5

msrc

почти 4 года назад

.NET Denial of Service Vulnerability

RLSA-2022:0496

rocky

почти 4 года назад

Important: .NET 6.0 security and bugfix update

GHSA-x459-p2rx-f8ff

CVSS3: 7.5

github

больше 3 лет назад

.NET Denial of Service Vulnerability