Bitnami package
dotnet-sdk
pkg:bitnami/dotnet-sdk
Vulnerabilities (93)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-21392 | — | >= 7.0.0, < 7.0.17 | 7.0.17 | Mar 12, 2024 | .NET and Visual Studio Denial of Service Vulnerability | ||
| CVE-2024-21319 | — | >= 6.0.0, < 6.0.26 | 6.0.26 | Jan 9, 2024 | Microsoft Identity Denial of service vulnerability | ||
| CVE-2024-0057 | — | >= 6.0.0, < 6.0.26 | 6.0.26 | Jan 9, 2024 | NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | ||
| CVE-2024-0056 | — | >= 6.0.0, < 6.0.26 | 6.0.26 | Jan 9, 2024 | Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | ||
| CVE-2024-20672 | — | >= 6.0.0, < 6.0.26 | 6.0.26 | Jan 9, 2024 | .NET Denial of Service Vulnerability | ||
| CVE-2023-36038 | — | < 8.0.0 | 8.0.0 | Nov 14, 2023 | ASP.NET Core Denial of Service Vulnerability | ||
| CVE-2023-36558 | — | >= 6.0.0, < 6.0.25 | 6.0.25 | Nov 14, 2023 | ASP.NET Core Security Feature Bypass Vulnerability | ||
| CVE-2023-36049 | — | >= 6.0.0, < 6.0.25 | 6.0.25 | Nov 14, 2023 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | ||
| CVE-2023-36435 | — | >= 7.0.0, < 7.0.13 | 7.0.13 | Oct 10, 2023 | Microsoft QUIC Denial of Service Vulnerability | ||
| CVE-2023-38171 | — | >= 7.0.0, < 7.0.12 | 7.0.12 | Oct 10, 2023 | Microsoft QUIC Denial of Service Vulnerability | ||
| CVE-2023-44487 | Hig | 7.5 | KEV | >= 6.0.0, < 6.0.23 | 6.0.23 | Oct 10, 2023 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
| CVE-2023-36792 | — | >= 6.0.0, < 6.0.1 | 6.0.1 | Sep 12, 2023 | Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2023-36793 | — | >= 6.0.0, < 6.0.1 | 6.0.1 | Sep 12, 2023 | Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2023-36794 | — | >= 6.0.0, < 6.0.1 | 6.0.1 | Sep 12, 2023 | Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2023-36796 | — | >= 6.0.0, < 6.0.1 | 6.0.1 | Sep 12, 2023 | Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2023-36799 | — | >= 6.0.0, < 6.0.1 | 6.0.1 | Sep 12, 2023 | .NET Core and Visual Studio Denial of Service Vulnerability | ||
| CVE-2023-38180 | — | KEV | >= 6.0.0, < 6.0.21 | 6.0.21 | Aug 8, 2023 | .NET and Visual Studio Denial of Service Vulnerability | |
| CVE-2023-35391 | — | >= 6.0.0, < 6.0.21 | 6.0.21 | Aug 8, 2023 | ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability | ||
| CVE-2023-38178 | — | >= 6.0.0, < 6.0.1 | 6.0.1 | Aug 8, 2023 | .NET Core and Visual Studio Denial of Service Vulnerability | ||
| CVE-2023-35390 | — | >= 6.0.0, < 6.0.21 | 6.0.21 | Aug 8, 2023 | .NET and Visual Studio Remote Code Execution Vulnerability |
- CVE-2024-21392Mar 12, 2024affected >= 7.0.0, < 7.0.17fixed 7.0.17
.NET and Visual Studio Denial of Service Vulnerability
- CVE-2024-21319Jan 9, 2024affected >= 6.0.0, < 6.0.26fixed 6.0.26
Microsoft Identity Denial of service vulnerability
- CVE-2024-0057Jan 9, 2024affected >= 6.0.0, < 6.0.26fixed 6.0.26
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
- CVE-2024-0056Jan 9, 2024affected >= 6.0.0, < 6.0.26fixed 6.0.26
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
- CVE-2024-20672Jan 9, 2024affected >= 6.0.0, < 6.0.26fixed 6.0.26
.NET Denial of Service Vulnerability
- CVE-2023-36038Nov 14, 2023affected < 8.0.0fixed 8.0.0
ASP.NET Core Denial of Service Vulnerability
- CVE-2023-36558Nov 14, 2023affected >= 6.0.0, < 6.0.25fixed 6.0.25
ASP.NET Core Security Feature Bypass Vulnerability
- CVE-2023-36049Nov 14, 2023affected >= 6.0.0, < 6.0.25fixed 6.0.25
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
- CVE-2023-36435Oct 10, 2023affected >= 7.0.0, < 7.0.13fixed 7.0.13
Microsoft QUIC Denial of Service Vulnerability
- CVE-2023-38171Oct 10, 2023affected >= 7.0.0, < 7.0.12fixed 7.0.12
Microsoft QUIC Denial of Service Vulnerability
- affected >= 6.0.0, < 6.0.23fixed 6.0.23
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
- CVE-2023-36792Sep 12, 2023affected >= 6.0.0, < 6.0.1fixed 6.0.1
Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36793Sep 12, 2023affected >= 6.0.0, < 6.0.1fixed 6.0.1
Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36794Sep 12, 2023affected >= 6.0.0, < 6.0.1fixed 6.0.1
Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36796Sep 12, 2023affected >= 6.0.0, < 6.0.1fixed 6.0.1
Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36799Sep 12, 2023affected >= 6.0.0, < 6.0.1fixed 6.0.1
.NET Core and Visual Studio Denial of Service Vulnerability
- affected >= 6.0.0, < 6.0.21fixed 6.0.21
.NET and Visual Studio Denial of Service Vulnerability
- CVE-2023-35391Aug 8, 2023affected >= 6.0.0, < 6.0.21fixed 6.0.21
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
- CVE-2023-38178Aug 8, 2023affected >= 6.0.0, < 6.0.1fixed 6.0.1
.NET Core and Visual Studio Denial of Service Vulnerability
- CVE-2023-35390Aug 8, 2023affected >= 6.0.0, < 6.0.21fixed 6.0.21
.NET and Visual Studio Remote Code Execution Vulnerability
Page 3 of 5