RHSA-2024:0157HighCVSS 9.8
Red Hat Security Advisory: .NET 7.0 security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2023-46233 — crypto-js: PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard CVE-2024-0056 — dotnet: Information Disclosure: MD.SqlClient(MDS) & System.data.SQLClient (SDS) CVE-2024-0057 — dotnet: X509 Certificates - Validation Bypass across Azure CVE-2024-21319 — dotnet: .NET Denial of Service Vulnerability
🔗 References (6)
- selfhttps://access.redhat.com/errata/RHSA-2024:0157
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2255384
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2255386
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2257566
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0157.json