virus logo FortiClient Vulnerability

Security Vulnerabilities fixed in dotnet6.0 RHSA-2022:4588

description-logoDescription

.NET is a managed-software framework. It implements a subset of the .NETframework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are nowavailable. The updated versions are .NET Core SDK 6.0.105 and .NET Core Runtime6.0.5. Security Fix(es): dotnet: excess memory allocation via HttpClient causes DoS (CVE-2022-23267) dotnet: malicious content causes high CPU and memory usage (CVE-2022-29117) dotnet: parsing HTML causes Denial of Service (CVE-2022-29145) dotnet: excess memory allocation via HttpClient causes DoS (CVE-2022-23267) dotnet: malicious content causes high CPU and memory usage (CVE-2022-29117) dotnet: parsing HTML causes Denial of Service (CVE-2022-29145) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): Update .NET 6.0 to SDK 6.0.104 and Runtime 6.0.4 (BZ#2080460) SolutionFor details on how to apply this update, which includes the changes described in this advisory, refer to:https://access.redhat.com/articles/11258

affected-products-logoAffected Applications

dotnet6.0

CVE References

CVE-2022-23267 CVE-2022-29145 CVE-2022-29117

Other References

https://access.redhat.com/errata/RHSA-2022:4588
ID 72459
Created May 21, 2022
Description
Updated		 Dec 20, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor RedHat
Patch auto
Application dotnet6.0