Denial of service in .NET core

GHSA-3gp9-h8hw-pxpw · BIT-dotnet-2021-1721 · BIT-dotnet-sdk-2021-1721 · CVE-2021-1721

Published May 24, 2022 · Modified Nov 29, 2024

Description

.NET Core and Visual Studio Denial of Service Vulnerability due to a vulnerability which exists when creating HTTPS web request during X509 certificate chain building.

References

6.5 / 10

MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Packages

NuGet/Microsoft.NETCore.App

Fix 2.1.25

Introduced 2.1.0

25 affected versions

2.1.02.1.12.1.102.1.112.1.122.1.132.1.142.1.152.1.162.1.172.1.182.1.192.1.22.1.202.1.212.1.222.1.232.1.242.1.32.1.4 +5 more

NuGet/Microsoft.NETCore.App.Host.linux-arm

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.linux-arm64

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.linux-musl-arm64

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.linux-musl-x64

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.linux-x64

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.osx-x64

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.rhel.6-x64

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.win-arm

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.win-arm64

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.win-x64

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Host.win-x86

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.linux-arm

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.linux-arm64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.linux-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.Mono.osx-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.android-arm

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.android-arm64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.android-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.android-x86

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.browser-wasm

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.ios-arm

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.ios-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.ios-x86

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.linux-arm

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.linux-arm64

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.linux-musl-arm

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.linux-musl-arm64

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.linux-musl-x64

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.linux-x64

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.osx-x64

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.rhel.6-x64

Fix 3.1.12

Introduced 3.1.0

12 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.9

NuGet/Microsoft.NETCore.App.Runtime.tvos-arm64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.tvos-x64

Fix 5.0.3

Introduced 5.0.0

3 affected versions

5.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.win-arm

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.win-arm64

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.win-x64

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

NuGet/Microsoft.NETCore.App.Runtime.win-x86

Fix 3.1.12, 5.0.3

Introduced 3.1.0, 5.0.0

15 affected versions

3.1.03.1.13.1.103.1.113.1.23.1.33.1.43.1.53.1.63.1.73.1.83.1.95.0.05.0.15.0.2

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes