Saturday, February 12, 2022

Red Hat: CVE-2022-219862: Important: .NET 6.0 security and bugfix update (RHSA-2022:0496)

rapid7 vulnerabilities In: , 
Description
A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service.
Solution(s)
  • redhat-upgrade-aspnetcore-runtime-6-0
  • redhat-upgrade-aspnetcore-targeting-pack-6-0
  • redhat-upgrade-dotnet
  • redhat-upgrade-dotnet-apphost-pack-6-0
  • redhat-upgrade-dotnet-apphost-pack-6-0-debuginfo
  • redhat-upgrade-dotnet-host
  • redhat-upgrade-dotnet-host-debuginfo
  • redhat-upgrade-dotnet-hostfxr-6-0
  • redhat-upgrade-dotnet-hostfxr-6-0-debuginfo
  • redhat-upgrade-dotnet-runtime-6-0
  • redhat-upgrade-dotnet-runtime-6-0-debuginfo
  • redhat-upgrade-dotnet-sdk-6-0
  • redhat-upgrade-dotnet-sdk-6-0-debuginfo
  • redhat-upgrade-dotnet-targeting-pack-6-0
  • redhat-upgrade-dotnet-templates-6-0
  • redhat-upgrade-dotnet6-0-debuginfo
  • redhat-upgrade-dotnet6-0-debugsource
  • redhat-upgrade-netstandard-targeting-pack-2-1


    • References
  • CVE-2022-219862
  • RHSA-2022:0496




    •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore