7.5 KiB

Исходник Постоянная ссылка Ответственный История

.NET 6 CVEs

The .NET Team releases monthly updates for .NET 6 on Patch Tuesday. These updates often include security fixes.

Your app needs to be on the latest .NET 6 patch version to be secure. The longer you wait to upgrade, the greater the exposure to CVEs.

Which CVEs apply to my app?

Your app may be vulnerable to the following published security CVEs if you are using an older .NET 6 patch version.

6.0.35 (October 2024)
- CVE-2024-43483 | .NET Denial of Service Vulnerability
- CVE-2024-43484 | .NET Denial of Service Vulnerability
- CVE-2024-43485 | .NET Denial of Service Vulnerability
6.0.33 (August 2024)
- No new CVEs.
6.0.32 (July 2024)
- CVE-2024-38095 | .NET Denial of Service Vulnerability
- CVE-2024-38081 | .NET Denial of Service Vulnerability
6.0.31 (May 28 2024)
- No new CVEs.
6.0.30 (May 2024)
- No new CVEs.
6.0.29 (April 2024)
- CVE-2024-21409 | .NET Denial of Service Vulnerability
6.0.27 (February 2024)
- CVE-2024-21386 | .NET Denial of Service Vulnerability
- CVE-2024-21404 | .NET Denial of Service Vulnerability
6.0.26 (January 2024)
- CVE-2024-0056 | .NET Information Disclosure Vulnerability
- CVE-2024-0057 | .NET Security Feature Bypass Vulnerability
- CVE-2024-21319 | .NET Denial of Service Vulnerability
6.0.25 (November 2023)
- CVE-2023-36049 | .NET Elevation of Privilege Vulnerability
- CVE-2023-36558 | .NET Security Feature Bypass Vulnerability
6.0.24 (October 2023)
- CVE-2023-44487 | .NET Denial of Service Vulnerability
- CVE-2023-36799 | .NET Denial of Service Vulnerability
- CVE-2023-36796 | .NET Remote Code Execution Vulnerability
- CVE-2023-36793 | .NET Remote Code Execution Vulnerability
- CVE-2023-36794 | .NET Remote Code Execution Vulnerability
- CVE-2023-36792 | .NET Remote Code Execution Vulnerability
6.0.23 (October 2023)
- CVE-2023-44487 | .NET Denial of Service Vulnerability
6.0.22 (September 2023)
- CVE-2023-36799 | .NET Denial of Service Vulnerability
- CVE-2023-36796 | .NET Remote Code Execution Vulnerability
- CVE-2023-36793 | .NET Remote Code Execution Vulnerability
- CVE-2023-36794 | .NET Remote Code Execution Vulnerability
- CVE-2023-36792 | .NET Remote Code Execution Vulnerability
6.0.21 (August 2023)
- CVE-2023-35390 | .NET Remote Code Execution Vulnerability
- CVE-2023-38180 | .NET Denial of Service Vulnerability
- CVE-2023-35391 | .NET Information Disclosure Vulnerability
6.0.20 (July 2023)
- No new CVEs.
6.0.19 (June 2023)
- CVE-2023-24895 | .NET Remote Code Execution Vulnerability
- CVE-2023-24897 | .NET Remote Code Execution Vulnerability
- CVE-2023-24936 | .NET Elevation of Privilege Vulnerability
- CVE-2023-29331 | .NET Denial of Service Vulnerability
- CVE-2023-29337 | Nuget Client Remote Code Execution Vulnerability
- CVE-2023-32032 | .NET Elevation of Privilege Vulnerability
- CVE-2023-33126 | .NET Remote Code Execution Vulnerability
- CVE-2023-33128 | .NET Remote Code Execution Vulnerability
- CVE-2023-33135 | .NET Elevation of Privilege Vulnerability
6.0.18 (June 2023)
- No new CVEs.
6.0.17 (May 2023)
- No new CVEs.
6.0.16 (April 2023)
- CVE-2023-28260 | .NET Remote Code Execution Vulnerability
6.0.15 (March 2023)
- No new CVEs.
6.0.14 (February 2023)
- CVE-2023-21808 | .NET Remote Code Execution Vulnerability
6.0.13 (January 2023)
- CVE-2023-21538 | .NET Denial of Service Vulnerability
6.0.12 (December 2022)
- CVE-2022-41089 | .NET Remote Code Execution Vulnerability
6.0.11 (November 2022)
- No new CVEs.
6.0.10 (October 2022)
- CVE-2022-41032 | .NET Core Elevation of Privilege Vulnerability
6.0.9 (September 2022)
- CVE-2022-38013 | .NET Core Denial of Service Vulnerability
6.0.8 (August 2022)
- CVE-2022-34716 | .NET Core Information Disclosure Vulnerability
6.0.7 (July 2022)
- No new CVEs.
6.0.6 (June 2022)
- CVE-2022-30184 | .NET Core Information Disclosure Vulnerability
6.0.5 (May 2022)
- CVE-2022-29145 | ASP.NET Core Denial of Service Vulnerability
- CVE-2022-23267 | .NET Denial of Service Vulnerability
- CVE-2022-29117 | .NET Denial of Service Vulnerability
6.0.4 (April 2022)
- No new CVEs.
6.0.3 (March 2022)
- CVE-2022-24512 | .NET Remote Code Execution
- CVE-2022-24464 | ASP.NET Denial of Service Vulnerability
6.0.2 (February 2022)
- CVE-2022-21986 | ASP.NET Denial of Service Vulnerability
6.0.1 (December 2021)
- CVE-2021-43877 | ASP.NET Core Elevation of privilege Vulnerability
6.0.0 (November 2021)
- No new CVEs.

CVE exposure is cumulative. For example, apps running on the 6.0.0 release may be vulnerable to the CVEs present in 6.0.1 and newer releases. The latest release is not vulnerable to any published CVEs.

7.5 KiB Исходник Постоянная ссылка Ответственный История

.NET 6 CVEs

Which CVEs apply to my app?

7.5 KiB

Исходник Постоянная ссылка Ответственный История