virus logo FortiClient Vulnerability

Security Vulnerabilities fixed in dotnet RHSA-2019:1259

description-logoDescription

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507. Security Fix(es): * dotnet: NuGet Tampering Vulnerability (CVE-2019-0757) * dotnet: timeouts for regular expressions are not enforced (CVE-2019-0820) * dotnet: infinite loop in URI.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0980) * dotnet: crash in IPAddress.TryCreate leading to ASP.Net Core Denial of Service (CVE-2019-0981) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * dotnet: new SocketException((int)SocketError.InvalidArgument).Message is empty (BZ#1712471)

affected-products-logoAffected Applications

dotnet

CVE References

CVE-2019-0757 CVE-2019-0820 CVE-2019-0980 CVE-2019-0981

Other References

https://access.redhat.com/errata/RHSA-2019:1259
ID 58227
Created Jan 17, 2020
Description
Updated		 Dec 20, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor RedHat
Patch auto
Application dotnet