Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ALSA-2022:0827
HistoryMar 10, 2022 - 2:44 p.m.

Important: .NET Core 3.1 security and bugfix update

2022-03-1014:44:29
Google
osv.dev
16
.net framework
security update
bugfix
cve-2022-24464
cve-2022-24512
cve-2020-8927
cvss score
asp.net denial of service
buffer overflow
.net sdk 3.1.417
.net runtime 3.1.23
brotli

AI Score

7.4

Confidence

High

EPSS

0.01

Percentile

83.5%

JSON

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address security vulnerabilities are now available. The updated versions are .NET SDK 3.1.417 and .NET Runtime 3.1.23.

Security Fix(es):

  • dotnet: ASP.NET Denial of Service via FormPipeReader (CVE-2022-24464)

  • dotnet: double parser stack buffer overrun (CVE-2022-24512)

  • brotli: buffer overflow when input chunk is larger than 2GiB (CVE-2020-8927)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

redhat 10
almalinux 4
osv 28
openvas 26
altlinux 7
fedora 12
rocky 7
nessus 48
oraclelinux 4
kaspersky 1
ibm 2
mscve 3
cvelist 3
cve 3
nvd 3
redhatcve 3
veracode 3
prion 3
github 3
suse 2
rustsec 2
archlinux 2
cbl_mariner 3
debian 2
mageia 1
alpinelinux 1
debiancve 1
ubuntu 1
gitlab 1
ubuntucve 1
photon 2
thn 1
malwarebytes 1
hivepro 2
krebs 1
threatpost 1
rapid7blog 1
redhat
redhat
(RHSA-2022:0827) Important: .NET Core 3.1 security and bugfix update
2022-03-10 14:44:29
(RHSA-2022:0830) Important: .NET 5.0 security and bugfix update
2022-03-10 14:46:56
(RHSA-2022:0829) Important: .NET Core 3.1 on RHEL 7 security and bugfix update
2022-03-10 14:46:13
almalinux
almalinux
Important: .NET 5.0 security and bugfix update
2022-03-10 14:46:56
Important: .NET Core 3.1 security and bugfix update
2022-03-10 14:44:29
Important: .NET 6.0 security and bugfix update
2022-03-10 14:43:46
osv
osv
Important: .NET 5.0 security and bugfix update
2022-03-10 14:46:56
Important: .NET 5.0 security and bugfix update
2022-03-10 14:46:56
Important: .NET Core 3.1 security and bugfix update
2022-03-10 14:44:29
openvas
openvas
Fedora: Security Advisory for dotnet3.1 (FEDORA-2022-d28042f559)
2022-03-28 00:00:00
Fedora: Security Advisory for dotnet3.1 (FEDORA-2022-5ecee47acb)
2022-03-28 00:00:00
Fedora: Security Advisory for dotnet3.1 (FEDORA-2022-9e046f579a)
2022-03-27 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package dotnet-coreclr-3.1 version 3.1.23-alt1
2022-04-02 00:00:00
Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 5.0.15-alt1
2022-04-02 00:00:00
Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.23-alt1
2022-04-02 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: dotnet3.1-3.1.417-1.fc35
2022-03-27 01:18:11
[SECURITY] Fedora 36 Update: dotnet3.1-3.1.417-1.fc36
2022-03-26 15:56:33
[SECURITY] Fedora 34 Update: dotnet3.1-3.1.417-1.fc34
2022-03-27 01:40:58
rocky
rocky
.NET 5.0 security and bugfix update
2022-03-10 14:46:56
.NET Core 3.1 security and bugfix update
2022-03-10 14:44:29
.NET 5.0 security and bugfix update
2022-03-11 02:19:05
nessus
nessus
RHEL 8 : .NET Core 3.1 (RHSA-2022:0827)
2022-03-11 00:00:00
RHEL 7 : .NET 5.0 on RHEL 7 (RHSA-2022:0828)
2022-03-11 00:00:00
Security Updates for Microsoft Visual Studio Products (March 2022)
2022-03-08 00:00:00
oraclelinux
oraclelinux
.NET 5.0 security and bugfix update
2022-03-11 00:00:00
.NET Core 3.1 security and bugfix update
2022-03-11 00:00:00
.NET 6.0 security and bugfix update
2022-03-11 00:00:00
kaspersky
kaspersky
KLA12474 Multiple vulnerabilities in Microsoft Developer Tools
2022-03-08 00:00:00
ibm
ibm
Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
2022-08-20 18:29:33
Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Verify Access
2022-01-07 00:24:27
mscve
mscve
.NET and Visual Studio Denial of Service Vulnerability
2022-03-08 08:00:00
Brotli Library Buffer Overflow Vulnerability
2022-03-08 08:00:00
.NET and Visual Studio Remote Code Execution Vulnerability
2022-03-08 08:00:00
cvelist
cvelist
CVE-2022-24464 .NET and Visual Studio Denial of Service Vulnerability
2022-03-09 17:07:46
CVE-2020-8927 Buffer overflow in Brotli library
2020-09-15 09:15:12
CVE-2022-24512 .NET and Visual Studio Remote Code Execution Vulnerability
2022-03-09 17:08:15
cve
cve
CVE-2022-24464
2022-03-09 17:15:14
CVE-2020-8927
2020-09-15 10:15:12
CVE-2022-24512
2022-03-09 17:15:15
nvd
nvd
CVE-2022-24464
2022-03-09 17:15:14
CVE-2020-8927
2020-09-15 10:15:12
CVE-2022-24512
2022-03-09 17:15:15
redhatcve
redhatcve
CVE-2022-24464
2022-03-08 18:17:25
CVE-2020-8927
2020-09-15 18:00:05
CVE-2022-24512
2022-03-08 18:41:27
veracode
veracode
Denial Of Service (DoS)
2022-03-22 00:35:14
Denial Of Service (DoS)
2020-09-29 03:53:18
Remote Code Execution (RCE)
2022-03-22 00:35:17
prion
prion
Denial of service
2022-03-09 17:15:00
Buffer overflow
2020-09-15 10:15:00
Remote code execution
2022-03-09 17:15:00
github
github
.NET Denial of Service Vulnerability
2022-10-21 20:32:34
Integer overflow in the bundled Brotli C library
2022-05-24 17:28:21
.NET Remote Code Execution Vulnerability
2022-10-18 21:46:08
suse
suse
Security update for brotli (moderate)
2020-09-30 00:00:00
Security update for brotli (moderate)
2021-12-06 00:00:00
rustsec
rustsec
Integer overflow in the bundled Brotli C library
2021-12-20 12:00:00
Integer overflow in the bundled Brotli C library
2021-12-20 12:00:00
archlinux
archlinux
[ASA-202009-13] brotli: denial of service
2020-09-26 00:00:00
[ASA-202009-12] lib32-brotli: denial of service
2020-09-26 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-8927 affecting package brotli for versions less than 1.0.7-10
2022-04-09 06:51:43
CVE-2020-8927 affecting package brotli 1.0.7-9
2020-11-30 19:30:57
CVE-2020-8927 affecting package powershell 7.2.1-1
2022-04-07 06:04:11
debian
debian
[SECURITY] [DSA 4801-1] brotli security update
2020-12-01 21:49:43
[SECURITY] [DLA 2476-1] brotli security update
2020-12-01 22:58:17
mageia
mageia
Updated brotli packages fix security vulnerability
2020-10-16 18:44:59
alpinelinux
alpinelinux
CVE-2020-8927
2020-09-15 10:15:12
debiancve
debiancve
CVE-2020-8927
2020-09-15 10:15:12
ubuntu
ubuntu
Brotli vulnerability
2020-10-05 00:00:00
gitlab
gitlab
Buffer Overflow
2020-09-15 00:00:00
ubuntucve
ubuntucve
CVE-2020-8927
2020-09-15 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-4.0-0279
2022-11-10 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0488
2022-11-16 00:00:00
thn
thn
Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms
2022-03-09 05:44:00
malwarebytes
malwarebytes
Update now! Microsoft patches three zero-day vulnerabilities on Patch Tuesday
2022-03-09 19:51:59
hivepro
hivepro
Microsoft addressed three zero-day vulnerabilities March 2022 Patch Tuesday Update
2022-03-09 14:14:19
Weekly Threat Digest: 7 – 13 March 2022
2022-03-14 16:24:44
krebs
krebs
Microsoft Patch Tuesday, March 2022 Edition
2022-03-09 16:22:12
threatpost
threatpost
Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday
2022-03-08 21:42:06
rapid7blog
rapid7blog
Patch Tuesday - March 2022
2022-03-08 21:08:35

AI Score

7.4

Confidence

High

EPSS

0.01

Percentile

83.5%

JSON
Related for OSV:ALSA-2022:0827
redhat10almalinux4osv28openvas26altlinux7fedora12rocky7nessus48oraclelinux4kaspersky1ibm2mscve3cvelist3cve3nvd3redhatcve3veracode3prion3github3suse2rustsec2archlinux2cbl_mariner3debian2mageia1alpinelinux1debiancve1ubuntu1gitlab1ubuntucve1photon2thn1malwarebytes1hivepro2krebs1threatpost1rapid7blog1