Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:0829
HistoryMar 10, 2022 - 2:46 p.m.

(RHSA-2022:0829) Important: .NET Core 3.1 on RHEL 7 security and bugfix update

2022-03-1014:46:13
access.redhat.com
57

0.006 Low

EPSS

Percentile

79.0%

JSON

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address security vulnerabilities are now available. The updated versions are .NET SDK 3.1.417 and .NET Runtime 3.1.23.

Security Fix(es):

  • dotnet: ASP.NET Denial of Service via FormPipeReader (CVE-2022-24464)

  • dotnet: double parser stack buffer overrun (CVE-2022-24512)

  • brotli: buffer overflow when input chunk is larger than 2GiB (CVE-2020-8927)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64rh-dotnet31-dotnet-apphost-pack-3.1< 3.1.23-1.el7_9rh-dotnet31-dotnet-apphost-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
RedHat7x86_64rh-dotnet31-dotnet-targeting-pack-3.1< 3.1.23-1.el7_9rh-dotnet31-dotnet-targeting-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
RedHat7x86_64rh-dotnet31-dotnet-debuginfo< 3.1.417-1.el7_9rh-dotnet31-dotnet-debuginfo-3.1.417-1.el7_9.x86_64.rpm
RedHat7x86_64rh-dotnet31-dotnet-hostfxr-3.1< 3.1.23-1.el7_9rh-dotnet31-dotnet-hostfxr-3.1-3.1.23-1.el7_9.x86_64.rpm
RedHat7x86_64rh-dotnet31-dotnet< 3.1.417-1.el7_9rh-dotnet31-dotnet-3.1.417-1.el7_9.x86_64.rpm
RedHat7x86_64rh-dotnet31-netstandard-targeting-pack-2.1< 3.1.417-1.el7_9rh-dotnet31-netstandard-targeting-pack-2.1-3.1.417-1.el7_9.x86_64.rpm
RedHat7x86_64rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts< 3.1.417-1.el7_9rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-3.1.417-1.el7_9.x86_64.rpm
RedHat7x86_64rh-dotnet31-aspnetcore-targeting-pack-3.1< 3.1.23-1.el7_9rh-dotnet31-aspnetcore-targeting-pack-3.1-3.1.23-1.el7_9.x86_64.rpm
RedHat7x86_64rh-dotnet31-dotnet-runtime-3.1< 3.1.23-1.el7_9rh-dotnet31-dotnet-runtime-3.1-3.1.23-1.el7_9.x86_64.rpm
RedHat7x86_64rh-dotnet31-dotnet-sdk-3.1< 3.1.417-1.el7_9rh-dotnet31-dotnet-sdk-3.1-3.1.417-1.el7_9.x86_64.rpm
Rows per page:
1-10 of 131

Related

fedora 12
rocky 7
openvas 26
altlinux 7
nessus 45
redhat 14
almalinux 4
osv 26
oraclelinux 4
kaspersky 1
ibm 3
mscve 3
cvelist 3
nvd 3
cve 3
suse 2
redhatcve 3
github 3
rustsec 2
veracode 3
archlinux 2
cbl_mariner 3
prion 3
debiancve 1
debian 2
alpinelinux 1
mageia 1
ubuntu 1
ubuntucve 1
gitlab 1
photon 2
hivepro 2
thn 1
malwarebytes 1
krebs 1
threatpost 1
rapid7blog 1
fedora
fedora
[SECURITY] Fedora 35 Update: dotnet3.1-3.1.417-1.fc35
2022-03-27 01:18:11
[SECURITY] Fedora 34 Update: dotnet3.1-3.1.417-1.fc34
2022-03-27 01:40:58
[SECURITY] Fedora 36 Update: dotnet3.1-3.1.417-1.fc36
2022-03-26 15:56:33
rocky
rocky
.NET 5.0 security and bugfix update
2022-03-10 14:46:56
.NET Core 3.1 security and bugfix update
2022-03-10 14:44:29
.NET 5.0 security and bugfix update
2022-03-11 02:19:05
openvas
openvas
Fedora: Security Advisory for dotnet3.1 (FEDORA-2022-d28042f559)
2022-03-28 00:00:00
Fedora: Security Advisory for dotnet3.1 (FEDORA-2022-5ecee47acb)
2022-03-28 00:00:00
Fedora: Security Advisory for dotnet3.1 (FEDORA-2022-9e046f579a)
2022-03-27 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package dotnet-coreclr-3.1 version 3.1.23-alt1
2022-04-02 00:00:00
Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.23-alt1
2022-04-02 00:00:00
Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 5.0.15-alt1
2022-04-02 00:00:00
nessus
nessus
RHEL 7 : .NET 5.0 on RHEL 7 (RHSA-2022:0828)
2022-03-11 00:00:00
RHEL 8 : .NET Core 3.1 (RHSA-2022:0827)
2022-03-11 00:00:00
RHEL 8 : .NET 5.0 (RHSA-2022:0830)
2022-03-11 00:00:00
redhat
redhat
(RHSA-2022:0830) Important: .NET 5.0 security and bugfix update
2022-03-10 14:46:56
(RHSA-2022:0827) Important: .NET Core 3.1 security and bugfix update
2022-03-10 14:44:29
(RHSA-2022:0828) Important: .NET 5.0 on RHEL 7 security and bugfix update
2022-03-10 14:45:10
almalinux
almalinux
Important: .NET 5.0 security and bugfix update
2022-03-10 14:46:56
Important: .NET Core 3.1 security and bugfix update
2022-03-10 14:44:29
Important: .NET 6.0 security and bugfix update
2022-03-10 14:43:46
osv
osv
Important: .NET 5.0 security and bugfix update
2022-03-10 14:46:56
Important: .NET 5.0 security and bugfix update
2022-03-10 14:46:56
Important: .NET Core 3.1 security and bugfix update
2022-03-10 14:44:29
oraclelinux
oraclelinux
.NET 5.0 security and bugfix update
2022-03-11 00:00:00
.NET Core 3.1 security and bugfix update
2022-03-11 00:00:00
.NET 6.0 security and bugfix update
2022-03-11 00:00:00
kaspersky
kaspersky
KLA12474 Multiple vulnerabilities in Microsoft Developer Tools
2022-03-08 00:00:00
ibm
ibm
Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
2022-08-20 18:29:33
Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Verify Access
2022-01-07 00:24:27
Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities
2021-12-03 18:52:37
mscve
mscve
.NET and Visual Studio Denial of Service Vulnerability
2022-03-08 08:00:00
Brotli Library Buffer Overflow Vulnerability
2022-03-08 08:00:00
.NET and Visual Studio Remote Code Execution Vulnerability
2022-03-08 08:00:00
cvelist
cvelist
CVE-2022-24464 .NET and Visual Studio Denial of Service Vulnerability
2022-03-09 17:07:46
CVE-2020-8927 Buffer overflow in Brotli library
2020-09-15 09:15:12
CVE-2022-24512 .NET and Visual Studio Remote Code Execution Vulnerability
2022-03-09 17:08:15
nvd
nvd
CVE-2022-24464
2022-03-09 17:15:14
CVE-2020-8927
2020-09-15 10:15:12
CVE-2022-24512
2022-03-09 17:15:15
cve
cve
CVE-2022-24464
2022-03-09 17:15:14
CVE-2020-8927
2020-09-15 10:15:12
CVE-2022-24512
2022-03-09 17:15:15
suse
suse
Security update for brotli (moderate)
2020-09-30 00:00:00
Security update for brotli (moderate)
2021-12-06 00:00:00
redhatcve
redhatcve
CVE-2020-8927
2020-09-15 18:00:05
CVE-2022-24464
2022-03-08 18:17:25
CVE-2022-24512
2022-03-08 18:41:27
github
github
Integer overflow in the bundled Brotli C library
2022-05-24 17:28:21
.NET Denial of Service Vulnerability
2022-10-21 20:32:34
.NET Remote Code Execution Vulnerability
2022-10-18 21:46:08
rustsec
rustsec
Integer overflow in the bundled Brotli C library
2021-12-20 12:00:00
Integer overflow in the bundled Brotli C library
2021-12-20 12:00:00
veracode
veracode
Denial Of Service (DoS)
2020-09-29 03:53:18
Denial Of Service (DoS)
2022-03-22 00:35:14
Remote Code Execution (RCE)
2022-03-22 00:35:17
archlinux
archlinux
[ASA-202009-13] brotli: denial of service
2020-09-26 00:00:00
[ASA-202009-12] lib32-brotli: denial of service
2020-09-26 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-8927 affecting package powershell 7.2.1-1
2022-04-07 06:04:11
CVE-2020-8927 affecting package brotli 1.0.7-9
2020-11-30 19:30:57
CVE-2020-8927 affecting package brotli for versions less than 1.0.7-10
2022-04-09 06:51:43
prion
prion
Denial of service
2022-03-09 17:15:00
Buffer overflow
2020-09-15 10:15:00
Remote code execution
2022-03-09 17:15:00
debiancve
debiancve
CVE-2020-8927
2020-09-15 10:15:12
debian
debian
[SECURITY] [DLA 2476-1] brotli security update
2020-12-01 22:58:17
[SECURITY] [DSA 4801-1] brotli security update
2020-12-01 21:49:43
alpinelinux
alpinelinux
CVE-2020-8927
2020-09-15 10:15:12
mageia
mageia
Updated brotli packages fix security vulnerability
2020-10-16 18:44:59
ubuntu
ubuntu
Brotli vulnerability
2020-10-05 00:00:00
ubuntucve
ubuntucve
CVE-2020-8927
2020-09-15 00:00:00
gitlab
gitlab
Buffer Overflow
2020-09-15 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-3.0-0488
2022-11-16 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0279
2022-11-10 00:00:00
hivepro
hivepro
Microsoft addressed three zero-day vulnerabilities March 2022 Patch Tuesday Update
2022-03-09 14:14:19
Weekly Threat Digest: 7 – 13 March 2022
2022-03-14 16:24:44
thn
thn
Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms
2022-03-09 05:44:00
malwarebytes
malwarebytes
Update now! Microsoft patches three zero-day vulnerabilities on Patch Tuesday
2022-03-09 19:51:59
krebs
krebs
Microsoft Patch Tuesday, March 2022 Edition
2022-03-09 16:22:12
threatpost
threatpost
Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday
2022-03-08 21:42:06
rapid7blog
rapid7blog
Patch Tuesday - March 2022
2022-03-08 21:08:35

0.006 Low

EPSS

Percentile

79.0%

JSON
Related for RHSA-2022:0829
fedora12rocky7openvas26altlinux7nessus45redhat14almalinux4osv26oraclelinux4kaspersky1ibm3mscve3cvelist3nvd3cve3suse2redhatcve3github3rustsec2veracode3archlinux2cbl_mariner3prion3debiancve1debian2alpinelinux1mageia1ubuntu1ubuntucve1gitlab1photon2hivepro2thn1malwarebytes1krebs1threatpost1rapid7blog1