Microsoft Microsoft.Netcore.App.Runtime.Linux-Musl-Arm64 vulnerabilities

26 known vulnerabilities affecting microsoft/microsoft.netcore.app.runtime.linux-musl-arm64.

Total CVEs

26

CISA KEV

1

actively exploited

Public exploits

1

Exploited in wild

1

Severity breakdown

HIGH17MEDIUM9

Vulnerabilities

Page 2 of 2

CVE-2022-24512MEDIUM≥ 3.0.0, < 3.1.23≥ 5.0.0, < 5.0.15+1 more2022-10-18

CVE-2022-24512 [MEDIUM] .NET Remote Code Execution Vulnerability .NET Remote Code Execution Vulnerability Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 5.0, and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A Remote Code Execution vulnerability exists in .NET 6.0, .NET 5.0, and .NET Core 3.1 where a stack buffer overrun occurs in .NET Double P

CVE-2020-1147HIGHKEVPoC≥ 3.1.0, < 3.1.62022-05-24

CVE-2020-1147 [HIGH] .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

CVE-2020-1108HIGH≥ 3.1.0, < 3.1.42022-05-24

CVE-2020-1108 [HIGH] .NET Core & .NET Framework Denial of Service Vulnerability .NET Core & .NET Framework Denial of Service Vulnerability A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

CVE-2021-1721MEDIUM≥ 3.1.0, < 3.1.12≥ 5.0.0, < 5.0.32022-05-24

CVE-2021-1721 [MEDIUM] Denial of service in .NET core Denial of service in .NET core .NET Core and Visual Studio Denial of Service Vulnerability due to a vulnerability which exists when creating HTTPS web request during X509 certificate chain building.

CVE-2020-8927MEDIUM≥ 3.0.0, < 3.1.23≥ 5.0.0, < 5.0.15+1 more2022-05-24

CVE-2020-8927 [MEDIUM] CWE-120 Integer overflow in the bundled Brotli C library Integer overflow in the bundled Brotli C library A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "s

CVE-2020-36846MEDIUM≥ 3.0.0, < 3.1.23≥ 5.0.0, < 5.0.15+1 more2022-05-24

CVE-2020-36846 [MEDIUM] Integer overflow in the bundled Brotli C library Integer overflow in the bundled Brotli C library A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streamin

← Previous2 / 2