.NET | Number Of NVD | 65 | CRITICAL | 2 | HIGH | 49 | MEDIUM | 14 | LOW | 0 |
URL | https://docs.microsoft.com/ja-jp/dotnet/ | ||||||||
---|---|---|---|---|---|---|---|---|---|
Explanation | NET is a free and open source development platform for building various types of apps, including Web apps, Web APIs, and microservices Serverless functions in the cloud Cloud native apps Mobile apps Desktop apps Windows WPF Windows Forms Universal Windows Platform (UWP) Games Internet of Things (IoT) Machine Learning Console Apps Windows Services Use class libraries to share functionality between different apps and app types. NET, your code and project files will look the same regardless of the type of app you build. NET, your code and project files will look the same regardless of the type of app you build. Excerpted from [https://docs.microsoft.com/ja-jp/dotnet/core/introduction] |
||||||||
Tag |
No | Type | Name | URL |
---|---|---|---|
1 | https://docs.microsoft.com/ja-jp/dotnet/core/releases-and-support | ||
2 | https://github.com/dotnet/core/blob/main/roadmap.md | ||
3 | https://github.com/dotnet/core/blob/main/release-notes/README.md |
No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
---|---|---|---|---|---|---|---|---|---|---|---|
1 | .NET 6 | 6.0.0 | Nov. 8, 2021 | Nov. 8, 2021 | Nov. 8, 2024 | 2 | 30 | 6 | 0 | ||
2 | .NET 5 | 5.0.17 | May 10, 2022 | Nov. 10, 2020 | 0 | 10 | 6 | 0 | |||
3 | .NET Core 3.1 (LTS) | 3.1.32 | Dec. 13, 2022 | Dec. 3, 2019 | Dec. 3, 2022 | 0 | 14 | 7 | 0 | ||
4 | .NET Core 3.0 | 3.0.3 | Feb. 18, 2020 | Sept. 23, 2019 | March 3, 2020 | 0 | 3 | 0 | 0 | ||
5 | .NET Core 2.2 | 2.2.8 | Nov. 19, 2019 | Dec. 4, 2018 | Dec. 23, 2019 | 0 | 5 | 1 | 0 | ||
6 | .NET Core 2.1 (LTS) | 2.1.30 | Aug. 20, 2021 | May 30, 2018 | Aug. 21, 2021 | 0 | 11 | 3 | 0 | ||
7 | .NET Core 2.0 | 2.0.9 | July 10, 2018 | Aug. 14, 2017 | Oct. 1, 2018 | 0 | 3 | 1 | 0 | ||
8 | .NET Core 1.1 | 1.1.13 | March 7, 2017 | Nov. 16, 2016 | June 27, 2019 | 0 | 4 | 1 | 0 | ||
9 | .NET Core 1.0 | 1.0.16 | May 14, 2019 | June 27, 2016 | June 27, 2019 | 0 | 6 | 2 | 0 | ||
10 | .NET 6.0 | 6.0.2 | 2 | 30 | 6 | 0 | |||||
11 | .NET 4.8 | 4.8.1 | 0 | 0 | 0 | 0 | |||||
12 | .NET 4.7 | 4.7.2 | 0 | 0 | 0 | 0 | |||||
13 | .NET 4.6 | 4.6.2 | 0 | 0 | 0 | 0 | |||||
14 | .NET 4.5 | 4.5 | 0 | 0 | 0 | 0 | |||||
15 | .NET 4.0 | 4.0 | 0 | 0 | 0 | 0 | |||||
16 | .NET 3.5 | 3.5.1 | 0 | 0 | 0 | 0 | |||||
17 | .NET 1.1 | 1.1.9 | 0 | 4 | 1 | 0 |
No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 |
6.8 - |
MEDIUM
Network |
Microsoft Identity Denial of service vulnerability |
NVD-CWE-noinfo
|
CVE-2024-21319 | cpe:2.3:a:microsoft:.net:*:* |
7.0.0 6.0.0 8.0.0 |
|
|
7.0.15 6.0.26 8.0.1 |
2024-04-12 05:15 2024-01-10 |
Show | GitHub Exploit DB Packet Storm |
2 |
7.5 - |
HIGH
Network
.NET Denial of Service Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-20672
|
cpe:2.3:a:microsoft:.net:*:*
|
7.0.0 |
6.0.0
|
|
7.0.15 |
6.0.26
2024-01-15 07:48 |
2024-01-10
Show
|
GitHub
Exploit DB
Packet Storm
|
|
3 |
9.8 - |
CRITICAL
Network
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-0057
|
cpe:2.3:a:microsoft:.net:8.0.0:- |
cpe:2.3:a:microsoft:.net:*:*
7.0.0 |
6.0.0
|
|
7.0.15 |
6.0.26
2024-04-12 05:15 |
2024-01-10
Show
|
GitHub
Exploit DB
Packet Storm
|
|
4 |
8.7 - |
HIGH
Network |
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability |
NVD-CWE-noinfo
|
CVE-2024-0056 |
cpe:2.3:a:microsoft:.net:8.0.0:- cpe:2.3:a:microsoft:.net:*:* |
7.0.0 6.0.0 |
|
|
7.0.15 6.0.26 |
2024-04-12 05:15 2024-01-10 |
Show | GitHub Exploit DB Packet Storm |
5 |
5.5 - |
MEDIUM
Local |
ASP.NET Core - Security Feature Bypass Vulnerability |
NVD-CWE-noinfo
|
CVE-2023-36558 |
cpe:2.3:a:microsoft:.net:8.0.0:rc2 cpe:2.3:a:microsoft:.net:8.0.0:rc1 cpe:2.3:a:microsoft:.net:*:* |
7.0.0 6.0.0 |
|
|
7.0.14 6.0.25 |
2023-11-22 05:01 2023-11-15 |
Show | GitHub Exploit DB Packet Storm |
6 |
9.8 - |
CRITICAL
Network
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
|
NVD-CWE-noinfo
|
CVE-2023-36049
|
cpe:2.3:a:microsoft:.net:8.0.0:rc2 |
cpe:2.3:a:microsoft:.net:8.0.0:rc1 cpe:2.3:a:microsoft:.net:*:*
7.0.0 |
6.0.0
|
|
7.0.14 |
6.0.25
2023-11-22 04:25 |
2023-11-15
Show
|
GitHub
Exploit DB
Packet Storm
|
|
7 |
7.5 - |
HIGH
Network
Microsoft QUIC Denial of Service Vulnerability
|
NVD-CWE-noinfo
|
CVE-2023-38171
|
cpe:2.3:a:microsoft:.net:*:*
|
7.0.0
|
|
|
7.0.12
|
2023-10-13 07:19 |
2023-10-11
Show
|
GitHub
Exploit DB
Packet Storm
|
|
8 |
7.5 - |
HIGH
Network
Microsoft QUIC Denial of Service Vulnerability
|
NVD-CWE-noinfo
|
CVE-2023-36435
|
cpe:2.3:a:microsoft:.net:*:*
|
7.0.0
|
7.0.12
|
|
|
2023-10-13 02:50 |
2023-10-11
Show
|
GitHub
Exploit DB
Packet Storm
|
|
9 |
7.5 - |
HIGH
Network
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
|
CWE-400
|
Uncontrolled Resource Consumption
CVE-2023-44487
|
cpe:2.3:a:microsoft:.net:*:*
|
7.0.0 |
6.0.0
|
|
7.0.12 |
6.0.23
2024-04-26 18:15 |
2023-10-10
Show
|
GitHub
Exploit DB
Packet Storm
|
|
10 |
6.5 - |
MEDIUM
Network |
.NET Core and Visual Studio Denial of Service Vulnerability |
NVD-CWE-noinfo
|
CVE-2023-36799 |
cpe:2.3:a:microsoft:.net:7.0.0:* cpe:2.3:a:microsoft:.net:6.0.0:- |
2023-09-15 05:21 2023-09-13 |
Show | GitHub Exploit DB Packet Storm |