CVE-2021-31957Missing Release of Resource after Effective Lifetime in Microsoft NET Core 3.1

CWE-772Missing Release of Resource after Effective Lifetime5 documents5 sources
Severity
5.9MEDIUMCNA
GHSA7.5OSV7.5
No vector
EPSS
6.8%
top 8.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Microsoft Visual Studio 2019 Version 16.10Microsoft Visual Studio 2019 Version 16.4Microsoft Visual Studio 2019 Version 16.7+4 more
Timeline
PublishedJun 8
Latest updateOct 6

Description

ASP.NET Core Denial of Service Vulnerability ASP.NET Core Denial of Service Vulnerability

Affected Packages7 packages

CVEListV5microsoft/net_core_3.13.13.1.16
CVEListV5microsoft/net_5.05.0.05.0.7

🔴Vulnerability Details

3
GHSA
ASP.NET Core Denial of Service Vulnerability2021-10-06
OSV
ASP.NET Core Denial of Service Vulnerability2021-10-06
CVEList
ASP.NET Core Denial of Service Vulnerability2021-06-08

📋Vendor Advisories

2
Microsoft
ASP.NET Core Denial of Service Vulnerability2021-06-08
Red Hat
dotnet: ASP.NET Core Client Disconnect Denial of Service2021-06-08
CVE-2021-31957 — Microsoft NET Core 3.1 vulnerability | cvebase