Описание
Important: .NET 8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.125 and .NET Runtime 8.0.25.Security Fix(es):
- asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (CVE-2026-26130)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Затронутые продукты
Rocky Linux 9
Связанные CVE
Исправления
- Red Hat - 2446134
Связанные уязвимости
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to perform a Denial of Service (DoS) attack over a network by allocating resources without limits or throttling. This can lead to the unavailability of the service for legitimate users.
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
