INFSA-2024:4451: dotnet8.0 security update
Information about definition
Identificator: INFSA-2024:4451
Type: security
Release date: 2024-08-23 19:10:33 UTC
Information about package
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.107 and Runtime 8.0.7.
Vulnerabilities description
- CVE-2024-30105
.NET Core and Visual Studio Denial of Service Vulnerability.
- CVE-2024-35264
.NET and Visual Studio Remote Code Execution Vulnerability.
- CVE-2024-38095
.NET and Visual Studio Denial of Service Vulnerability.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-30105
|
no information | 7.5 | no information |
|
NIST — CVE-2024-35264
|
no information | 8.1 | no information |
|
NIST — CVE-2024-38095
|
no information | 5.3 | no information |
Updated packages