Search CVE reports
1 – 10 of 50 results
Some fixes available 4 of 6
Improper encoding or escaping of output in .NET allows an authorized attacker to perform spoofing over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |
Some fixes available 4 of 6
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |
Some fixes available 4 of 6
Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |
Some fixes available 4 of 6
Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |
Some fixes available 4 of 6
Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |
Some fixes available 4 of 6
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |
Some fixes available 4 of 6
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |
Some fixes available 4 of 6
Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |
Some fixes available 4 of 6
Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |
Some fixes available 4 of 6
Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Fixed | Not in release | Not in release | Not in release |