HIGH 7.5 NuGet
ASP.NET Core and Visual Studio Denial of Service Vulnerability
GHSA-242j-2gm6-5rwx · BIT-aspnet-core-2021-1723 · CVE-2021-1723
Published · Modified
Description
A denial-of-service vulnerability exists in the way Kestrel parses HTTP/2 requests. The security update addresses the vulnerability by fixing the way the Kestrel parses HTTP/2 requests. Users are advised to upgrade.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-1723
- WEB https://github.com/dotnet/announcements/issues/170
- WEB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L27CGRVEWUPELNJOGTCW6GLEDBECB4B
- WEB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRXHERXW4KR5WCP76UDW5PC7GX3YQLUW
- WEB https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723
Ready to move
Start Securing
Free, no credit card | First findings in minutes