CVE-2021-43877 – ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43877
ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en ASP.NET Core y Visual Studio • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877 •
CVE-2021-34532 – ASP.NET Core and Visual Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-34532
ASP.NET Core and Visual Studio Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información en ASP.NET Core y Visual Studio • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532 https://access.redhat.com/security/cve/CVE-2021-34532 https://bugzilla.redhat.com/show_bug.cgi?id=1990300 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2021-1723 – ASP.NET Core and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1723
ASP.NET Core and Visual Studio Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio de ASP.NET Core y Visual Studio A flaw was found in dotnet. Running callbacks outside of locks results in Krestel deadlock using HTTP2. The highest threat from this vulnerability is to system availability. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1723 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723 https://access.redhat.com/security/cve/CVE-2021-1723 https://bugzilla.redhat.com/show_bug.cgi?id=1914258 • CWE-833: Deadlock •