CVE-2021-24112 — Microsoft NET Core 2.1 vulnerability

9 documents7 sources

Severity

8.1HIGHCNA

GHSA9.8OSV9.8

No vector

EPSS

1.1%

top 21.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Mono 6.12.0 Microsoft NET 5.0 Microsoft NET Core 2.1 +2 more

Timeline

PublishedFeb 25

Latest updateJul 15

Description

.NET Core Remote Code Execution Vulnerability .NET Core Remote Code Execution Vulnerability

Affected Packages5 packages

▶CVEListV5microsoft/net_core_2.12.1 — publication

▶CVEListV5microsoft/net_core_3.13.1 — publication

▶CVEListV5microsoft/net_5.05.0.0 — publication

▶CVEListV5microsoft/mono_6.12.06.12.0 — publication

▶CVEListV5microsoft/visual_studio_2019_for_mac8.0.0 — publication

🔴Vulnerability Details

OSV

.NET Core Remote Code Execution Vulnerability↗2022-05-24

▶

GHSA

.NET Core Remote Code Execution Vulnerability↗2022-05-24

▶

GHSA

.NET Core Remote Code Execution Vulnerability↗2021-04-21

▶

CVEList

.NET Core Remote Code Execution Vulnerability↗2021-02-25

▶

📋Vendor Advisories

Oracle

Oracle Oracle MySQL Risk Matrix: Connector/Net (.NET Core) — CVE-2021-24112↗2024-07-15

▶

Oracle

Oracle Oracle Hyperion Risk Matrix: Web Client - Unicode (.NET Core) — CVE-2021-24112↗2023-07-15

▶

Red Hat

dotnet: Remote Code Execution Vulnerability↗2021-02-25

▶

Microsoft

.NET Core Remote Code Execution Vulnerability↗2021-02-09

▶