RHSA-2024:0805HighCVSS 9.1
Red Hat Security Advisory: dotnet7.0 security update
🔗 CVE IDs covered (3)
📋 Description
CVE-2023-46233 — crypto-js: PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard CVE-2024-21386 — dotnet: Denial of Service in SignalR server CVE-2024-21404 — dotnet: Denial of Service in X509Certificate2
🔗 References (5)
- selfhttps://access.redhat.com/errata/RHSA-2024:0805
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2263085
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2263086
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0805.json