CWE-407
Allowed-with-ReviewInefficient Algorithmic Complexity
Abstraction: Class · Status: Incomplete
An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
193 vulnerabilities reference this CWE, most recent first.
GHSA-M6HH-VP2V-RM5M
Vulnerability from github – Published: 2025-02-20 03:32 – Updated: 2025-02-20 03:32The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs).
{
"affected": [],
"aliases": [
"CVE-2025-24946"
],
"database_specific": {
"cwe_ids": [
"CWE-407"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-20T03:15:12Z",
"severity": "MODERATE"
},
"details": "The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs).",
"id": "GHSA-m6hh-vp2v-rm5m",
"modified": "2025-02-20T03:32:03Z",
"published": "2025-02-20T03:32:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24946"
},
{
"type": "WEB",
"url": "https://github.com/private-octopus/picoquic/commit/b80fd3f5903279ae3e7714ee4109363d9ab4491a"
},
{
"type": "WEB",
"url": "https://github.com/ncc-pbottine/QUIC-Hash-Dos-Advisory"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-MFJ6-6P54-M98C
Vulnerability from github – Published: 2026-03-31 23:49 – Updated: 2026-03-31 23:49Impact
The GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads. A single unauthenticated request can block the Node.js event loop for seconds, denying service to all concurrent users. This only affects deployments that have enabled the requestComplexity.graphQLDepth or requestComplexity.graphQLFields configuration options.
Patches
The fix replaces the per-branch fragment traversal with memoized fragment computation, reducing the traversal from exponential O(2^N) to linear O(N) time. Additionally, early termination aborts the traversal as soon as configured limits are exceeded.
Workarounds
Disable GraphQL complexity limits by setting requestComplexity.graphQLDepth and requestComplexity.graphQLFields to -1 (the default).
Resources
- GitHub security advisory: https://github.com/parse-community/parse-server/security/advisories/GHSA-mfj6-6p54-m98c
- Fix Parse Server 9: https://github.com/parse-community/parse-server/pull/10344
- Fix Parse Server 8: https://github.com/parse-community/parse-server/pull/10345
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "parse-server"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0"
},
{
"fixed": "9.7.0-alpha.12"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "parse-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.6.68"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34573"
],
"database_specific": {
"cwe_ids": [
"CWE-407"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-31T23:49:18Z",
"nvd_published_at": "2026-03-31T16:16:33Z",
"severity": "HIGH"
},
"details": "### Impact\n\nThe GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads. A single unauthenticated request can block the Node.js event loop for seconds, denying service to all concurrent users. This only affects deployments that have enabled the `requestComplexity.graphQLDepth` or `requestComplexity.graphQLFields` configuration options.\n\n### Patches\n\nThe fix replaces the per-branch fragment traversal with memoized fragment computation, reducing the traversal from exponential O(2^N) to linear O(N) time. Additionally, early termination aborts the traversal as soon as configured limits are exceeded.\n\n### Workarounds\n\nDisable GraphQL complexity limits by setting `requestComplexity.graphQLDepth` and `requestComplexity.graphQLFields` to `-1` (the default).\n\n### Resources\n\n- GitHub security advisory: https://github.com/parse-community/parse-server/security/advisories/GHSA-mfj6-6p54-m98c\n- Fix Parse Server 9: https://github.com/parse-community/parse-server/pull/10344\n- Fix Parse Server 8: https://github.com/parse-community/parse-server/pull/10345",
"id": "GHSA-mfj6-6p54-m98c",
"modified": "2026-03-31T23:49:18Z",
"published": "2026-03-31T23:49:18Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/parse-community/parse-server/security/advisories/GHSA-mfj6-6p54-m98c"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34573"
},
{
"type": "WEB",
"url": "https://github.com/parse-community/parse-server/pull/10344"
},
{
"type": "WEB",
"url": "https://github.com/parse-community/parse-server/pull/10345"
},
{
"type": "WEB",
"url": "https://github.com/parse-community/parse-server/commit/ea15412795f34594cc8a674fe858d445675e0295"
},
{
"type": "WEB",
"url": "https://github.com/parse-community/parse-server/commit/f759bda075298ec44e2b4fb57659a0c56620483b"
},
{
"type": "PACKAGE",
"url": "https://github.com/parse-community/parse-server"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "parse-server has GraphQL complexity validator exponential fragment traversal DoS"
}
GHSA-MVMF-94V6-879G
Vulnerability from github – Published: 2026-06-30 15:30 – Updated: 2026-07-02 21:32fzf is vulnerable to a Denial of Service (DoS) due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity (O(n²)). A crafted POST request with many small segments can trigger excessive CPU usage during request handling.This allows a single malicious request to monopolize the single‑threaded HTTP server, blocking all other clients and resulting in denial of service.
This issue was fixed in version 0.73.1.
{
"affected": [],
"aliases": [
"CVE-2026-53433"
],
"database_specific": {
"cwe_ids": [
"CWE-407"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-30T13:19:13Z",
"severity": "MODERATE"
},
"details": "fzf is vulnerable to a Denial of Service (DoS) due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity (O(n\u00b2)). A crafted POST request with many small segments can trigger excessive CPU usage during request handling.This allows a single malicious request to monopolize the single\u2011threaded HTTP server, blocking all other clients and resulting in denial of service.\n\nThis issue was fixed in version 0.73.1.",
"id": "GHSA-mvmf-94v6-879g",
"modified": "2026-07-02T21:32:10Z",
"published": "2026-06-30T15:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53433"
},
{
"type": "WEB",
"url": "https://github.com/junegunn/fzf/commit/7963a2c6586c0b9eaa89b8995de8f0e08cf8a4ce"
},
{
"type": "WEB",
"url": "https://cert.pl/en/posts/2026/06/CVE-2026-53432"
},
{
"type": "WEB",
"url": "https://github.com/junegunn/fzf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-PM8W-JQ9R-X5RP
Vulnerability from github – Published: 2026-02-09 15:30 – Updated: 2026-06-30 00:31A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
{
"affected": [],
"aliases": [
"CVE-2025-14831"
],
"database_specific": {
"cwe_ids": [
"CWE-407"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-09T15:16:09Z",
"severity": "MODERATE"
},
"details": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).",
"id": "GHSA-pm8w-jq9r-x5rp",
"modified": "2026-06-30T00:31:28Z",
"published": "2026-02-09T15:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14831"
},
{
"type": "WEB",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1773"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423177"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-14831"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:8748"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:8747"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:8746"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:7477"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:7335"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:7329"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:6738"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:6737"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:6630"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:6618"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:5606"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:5585"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:4655"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:4188"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:3477"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:33125"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:30850"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:30849"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25096"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:16174"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:16009"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:16008"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:13812"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-Q2H6-GHWM-5QM8
Vulnerability from github – Published: 2026-06-25 21:29 – Updated: 2026-06-25 21:29Summary
InterfaceLookupFormatter<TKey,TElement> constructs an internal Dictionary<TKey, IGrouping<TKey,TElement>> with the default equality comparer instead of the security-aware comparer supplied by options.Security.GetEqualityComparer<TKey>().
Other hash-based collection formatters use the security-aware comparer when MessagePackSecurity.UntrustedData is configured. This formatter omission allows hash-collision CPU denial of service against ILookup<TKey,TElement> even when the application has opted into the untrusted-data security posture.
Impact
Applications are affected when they deserialize untrusted payloads into schemas containing ILookup<TKey,TElement> with a key type for which attacker-controlled hash collisions are feasible.
Under the default comparer, many colliding keys can degrade dictionary insertion from amortized constant time to quadratic behavior. A payload of colliding keys can consume CPU for a disproportionate amount of time. This bypasses the mitigation that developers intentionally enabled by using MessagePackSecurity.UntrustedData.
Affected components
- Package:
MessagePack - API:
InterfaceLookupFormatter<TKey,TElement>.Create - Data type:
ILookup<TKey,TElement> - Finding ID:
MESSAGEPACKCSHARP-041
Patches
Fixes are prepared and will be released in coordinated patch versions.
Upgrade guidance:
- Upgrade
MessagePackto the patched version for your release line. - Upgrade companion MessagePack packages in the same dependency graph to the coordinated patched versions.
The fix should create the internal dictionary with options.Security.GetEqualityComparer<TKey>(), matching the sibling dictionary and lookup formatter behavior.
Workarounds
Patching is recommended.
Until a patched version is available, avoid exposing ILookup<TKey,TElement> in DTOs that deserialize untrusted data. Use collection shapes that are already protected by the security-aware comparer path, or validate and cap collection sizes at the transport boundary.
Resources
MESSAGEPACKCSHARP-041:InterfaceLookupFormattermissing security comparer- CWE-407: Inefficient Algorithmic Complexity
{
"affected": [
{
"package": {
"ecosystem": "NuGet",
"name": "MessagePack"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.301"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "MessagePack"
},
"ranges": [
{
"events": [
{
"introduced": "3.0"
},
{
"fixed": "3.1.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-48516"
],
"database_specific": {
"cwe_ids": [
"CWE-407"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-25T21:29:39Z",
"nvd_published_at": "2026-06-22T22:16:48Z",
"severity": "MODERATE"
},
"details": "## Summary\n\n`InterfaceLookupFormatter\u003cTKey,TElement\u003e` constructs an internal `Dictionary\u003cTKey, IGrouping\u003cTKey,TElement\u003e\u003e` with the default equality comparer instead of the security-aware comparer supplied by `options.Security.GetEqualityComparer\u003cTKey\u003e()`.\n\nOther hash-based collection formatters use the security-aware comparer when `MessagePackSecurity.UntrustedData` is configured. This formatter omission allows hash-collision CPU denial of service against `ILookup\u003cTKey,TElement\u003e` even when the application has opted into the untrusted-data security posture.\n\n## Impact\n\nApplications are affected when they deserialize untrusted payloads into schemas containing `ILookup\u003cTKey,TElement\u003e` with a key type for which attacker-controlled hash collisions are feasible.\n\nUnder the default comparer, many colliding keys can degrade dictionary insertion from amortized constant time to quadratic behavior. A payload of colliding keys can consume CPU for a disproportionate amount of time. This bypasses the mitigation that developers intentionally enabled by using `MessagePackSecurity.UntrustedData`.\n\n## Affected components\n\n- Package: `MessagePack`\n- API: `InterfaceLookupFormatter\u003cTKey,TElement\u003e.Create`\n- Data type: `ILookup\u003cTKey,TElement\u003e`\n- Finding ID: `MESSAGEPACKCSHARP-041`\n\n## Patches\n\nFixes are prepared and will be released in coordinated patch versions.\n\nUpgrade guidance:\n\n1. Upgrade `MessagePack` to the patched version for your release line.\n2. Upgrade companion MessagePack packages in the same dependency graph to the coordinated patched versions.\n\nThe fix should create the internal dictionary with `options.Security.GetEqualityComparer\u003cTKey\u003e()`, matching the sibling dictionary and lookup formatter behavior.\n\n## Workarounds\n\nPatching is recommended.\n\nUntil a patched version is available, avoid exposing `ILookup\u003cTKey,TElement\u003e` in DTOs that deserialize untrusted data. Use collection shapes that are already protected by the security-aware comparer path, or validate and cap collection sizes at the transport boundary.\n\n## Resources\n\n- `MESSAGEPACKCSHARP-041`: `InterfaceLookupFormatter` missing security comparer\n- CWE-407: Inefficient Algorithmic Complexity",
"id": "GHSA-q2h6-ghwm-5qm8",
"modified": "2026-06-25T21:29:40Z",
"published": "2026-06-25T21:29:39Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/MessagePack-CSharp/MessagePack-CSharp/security/advisories/GHSA-q2h6-ghwm-5qm8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48516"
},
{
"type": "PACKAGE",
"url": "https://github.com/MessagePack-CSharp/MessagePack-CSharp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "MessagePack-CSharp: InterfaceLookupFormatter bypasses collision-resistant comparer settings"
}
GHSA-Q2MW-FVJ9-VVCW
Vulnerability from github – Published: 2026-05-04 22:02 – Updated: 2026-05-14 20:48Summary
Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are crafted to exhaust the client's CPU for a denial of service attack.
Details
For each literal in a response, ResponseReader rescans the entire growing response buffer. The regular expression that is used to scan the response buffer runs in linear time. With many literals, this becomes O(n²) total work. The regular expression should run in constant time: it is anchored to the end and only the last 23 bytes of the buffer are relevant.
Because the algorithmic complexity is super-linear, this bypasses protection from max_response_size: a response can stay well below the default size limit while still causing very large CPU cost.
Net::IMAP::ResponseReader runs continuously in the receiver thread until the connection closes.
Impact
This consumes disproportionate CPU time in the client's receiver thread. A hostile server could use this to exhaust the client's CPU for a denial of service attack.
For a response near the default max_response_size, each individual regexp scan could take between 100 to 200ms on common modern hardware, and this may be repeated 200k times per megabyte of response. While the regexp is scanning, it retains the Global VM lock, preventing other threads from running.
Although other threads should not be completely blocked, their run time will be significantly impacted.
Mitigation
- Upgrade to a patched version of net-imap that reads responses more efficiently.
- Do not connect to untrusted IMAP servers.
- When connecting to untrusted servers, a much smaller
max_response_size(for example: 8KiB) will limit the impact. Although this is too small for fetching unpaginated message bodies, it should be enough for most other operations.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.6.3"
},
"package": {
"ecosystem": "RubyGems",
"name": "net-imap"
},
"ranges": [
{
"events": [
{
"introduced": "0.6.0"
},
{
"fixed": "0.6.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.5.13"
},
"package": {
"ecosystem": "RubyGems",
"name": "net-imap"
},
"ranges": [
{
"events": [
{
"introduced": "0.5.0"
},
{
"fixed": "0.5.14"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.4.23"
},
"package": {
"ecosystem": "RubyGems",
"name": "net-imap"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.4.24"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-42245"
],
"database_specific": {
"cwe_ids": [
"CWE-407"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-04T22:02:56Z",
"nvd_published_at": "2026-05-09T20:16:28Z",
"severity": "LOW"
},
"details": "### Summary\n\n`Net::IMAP::ResponseReader` has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are crafted to exhaust the client\u0027s CPU for a denial of service attack.\n\n### Details\n\nFor each literal in a response, `ResponseReader` rescans the entire growing response buffer. The regular expression that is used to scan the response buffer runs in linear time. With many literals, this becomes O(n\u00b2) total work. The regular expression should run in constant time: it is anchored to the end and only the last 23 bytes of the buffer are relevant.\n\nBecause the algorithmic complexity is super-linear, this bypasses protection from `max_response_size`: a response can stay well below the default size limit while still causing very large CPU cost.\n\n`Net::IMAP::ResponseReader` runs continuously in the receiver thread until the connection closes.\n\n### Impact\n\nThis consumes disproportionate CPU time in the client\u0027s receiver thread. A hostile server could use this to exhaust the client\u0027s CPU for a denial of service attack.\n\nFor a response near the default `max_response_size`, each individual regexp scan could take between 100 to 200ms on common modern hardware, and this may be repeated 200k times per megabyte of response. While the regexp is scanning, it retains the Global VM lock, preventing other threads from running.\n\nAlthough other threads should not be _completely_ blocked, their run time will be significantly impacted.\n\n### Mitigation\n\n* Upgrade to a patched version of net-imap that reads responses more efficiently.\n* Do not connect to untrusted IMAP servers.\n* When connecting to untrusted servers, a _much_ smaller `max_response_size` (for example: 8KiB) will limit the impact. Although this is too small for fetching unpaginated message bodies, it should be enough for most other operations.",
"id": "GHSA-q2mw-fvj9-vvcw",
"modified": "2026-05-14T20:48:14Z",
"published": "2026-05-04T22:02:56Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/security/advisories/GHSA-q2mw-fvj9-vvcw"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42245"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/commit/6091f7d6b1f3514cafbfe39c76f2b5d73de3ca96"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/commit/88d95231fc8afef11c1f074453f7d75b68c9dfda"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/commit/de685f91a4a4cc75eb80da898c2bf8af08d34819"
},
{
"type": "PACKAGE",
"url": "https://github.com/ruby/net-imap"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.4.24"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.5.14"
},
{
"type": "WEB",
"url": "https://github.com/ruby/net-imap/releases/tag/v0.6.4"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/net-imap/CVE-2026-42245.yml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "net-imap has quadratic complexity when reading response literals"
}
GHSA-Q2QQ-HMJ6-3WPP
Vulnerability from github – Published: 2026-05-07 02:59 – Updated: 2026-05-07 02:59During message encoding, hickory-proto's BinEncoder stores pointers to labels that are candidates for name compression in a Vec<(usize, Vec<u8>)>. The name compression logic then searches for matches with a linear scan.
A malicious message with many records can both introduce many candidate labels, and invoke this linear scan many times. This can amplify CPU exhaustion in DoS attacks.
This is similar to CVE-2024-8508.
Reporter
Qifan Zhang, Palo Alto Networks
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.26.0"
},
"package": {
"ecosystem": "crates.io",
"name": "hickory-proto"
},
"ranges": [
{
"events": [
{
"introduced": "0.3.1"
},
{
"fixed": "0.26.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-407",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-07T02:59:48Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "During message encoding, `hickory-proto`\u0027s `BinEncoder` stores pointers to labels that are candidates for name compression in a `Vec\u003c(usize, Vec\u003cu8\u003e)\u003e`. The name compression logic then searches for matches with a linear scan.\n\nA malicious message with many records can both introduce many candidate labels, and invoke this linear scan many times. This can amplify CPU exhaustion in DoS attacks.\n\nThis is similar to [CVE-2024-8508](https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-8508.txt).\n\n### Reporter\n\nQifan Zhang, Palo Alto Networks",
"id": "GHSA-q2qq-hmj6-3wpp",
"modified": "2026-05-07T02:59:48Z",
"published": "2026-05-07T02:59:48Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/hickory-dns/hickory-dns/security/advisories/GHSA-q2qq-hmj6-3wpp"
},
{
"type": "PACKAGE",
"url": "https://github.com/hickory-dns/hickory-dns"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2026-0119.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "hickory-proto vulnerable to CPU exhaustion during message encoding due to O(n\u00b2) name compression"
}
GHSA-Q4C2-WH8V-28Q5
Vulnerability from github – Published: 2023-05-02 15:30 – Updated: 2023-05-02 15:30A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be initiated remotely. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227860.
{
"affected": [],
"aliases": [
"CVE-2023-2473"
],
"database_specific": {
"cwe_ids": [
"CWE-407"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-02T13:15:25Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be initiated remotely. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227860.",
"id": "GHSA-q4c2-wh8v-28q5",
"modified": "2023-05-02T15:30:33Z",
"published": "2023-05-02T15:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2473"
},
{
"type": "WEB",
"url": "https://gitee.com/isoftforce/dreamer_cms/issues/I6WHO7"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.227860"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.227860"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-Q67G-RXMW-649C
Vulnerability from github – Published: 2022-01-20 00:02 – Updated: 2022-01-29 00:01An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (> 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue affects Juniper Networks Junos OS on SRX Series, MX Series with SPC3: All versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2-S9, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2.
{
"affected": [],
"aliases": [
"CVE-2022-22153"
],
"database_specific": {
"cwe_ids": [
"CWE-407"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-19T01:15:00Z",
"severity": "HIGH"
},
"details": "An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (\u003e 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue affects Juniper Networks Junos OS on SRX Series, MX Series with SPC3: All versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2-S9, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2.",
"id": "GHSA-q67g-rxmw-649c",
"modified": "2022-01-29T00:01:21Z",
"published": "2022-01-20T00:02:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22153"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA11261"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QJ66-M88J-HMGJ
Vulnerability from github – Published: 2024-10-08 20:24 – Updated: 2024-10-14 20:42Microsoft Security Advisory CVE-2024-43483 | .NET Denial of Service Vulnerability
Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in System.Security.Cryptography.Cose, System.IO.Packaging, Microsoft.Extensions.Caching.Memory. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
System.Security.Cryptography.Cose, System.IO.Packaging, Microsoft.Extensions.Caching.Memory may be exposed to a hostile input which may lead them to be susceptible to hash flooding attacks resulting in denial of service.
Announcement
Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/327
Mitigation factors
Microsoft has not identified any mitigating factors for this vulnerability.
Affected software
- Any .NET 8.0 application running on .NET 8.0.8 or earlier.
- Any .NET 6.0 aplication running on .NET 6.0.33 or earlier.
- Any application consuming one of the vulnerable packages.
Affected Packages
- Any .NET 6.0, 8.0, or 9.0 application.
- Any application consuming one of the vulnerable packages.
.NET 9
| Package name | Affected version | Patched version |
|---|---|---|
| System.Security.Cryptography.Cose | >= 9.0.0-preview.1.24080.9, <= 9.0.0-rc.1.24431.7 | 9.0.0-rc.2.24473.5 |
| System.IO.Packaging | >= 9.0.0-preview.1.24080.9, <= 9.0.0-rc.1.24431.7 | 9.0.0-rc.2.24473.5 |
| Microsoft.Extensions.Caching.Memory | >= 9.0.0-preview.1.24080.9, <= 9.0.0-rc.1.24431.7 | 9.0.0-rc.2.24473.5 |
.NET 8
| Package name | Affected version | Patched version |
|---|---|---|
| System.Security.Cryptography.Cose | >= 8.0.0-preview.1.23110.8, <= 8.0.0 | 8.0.1 |
| System.IO.Packaging | >= 8.0.0-preview.1.23110.8, <= 8.0.0 | 8.0.1 |
| Microsoft.Extensions.Caching.Memory | >= 8.0.0-preview.1.23110.8, <= 8.0.0 | 8.0.1 |
.NET 6
| Package name | Affected version | Patched version |
|---|---|---|
| System.IO.Packaging | >= 6.0.0-preview.1.21102.12, <= 6.0.0 | 6.0.1 |
| Microsoft.Extensions.Caching.Memory | >=6.0.0-preview.1.21102.12 <= 6.0.1 | 6.0.2 |
Advisory FAQ
How do I know if I am affected?
If you have a runtime or SDK with a version listed, or an affected package listed in affected software or affected packages, you're exposed to the vulnerability.
How do I fix the issue?
- To fix the issue please install the latest version of .NET 8.0 or .NET 6.0. If you have installed one or more .NET SDKs through Visual Studio, Visual Studio will prompt you to update Visual Studio, which will also update your .NET SDKs.
- .NET Framework-based applications and other application types need to perform a package update.
- If you have .NET 6.0 or greater installed, you can list the versions you have installed by running the
dotnet --infocommand. You will see output like the following;
.NET Core SDK (reflecting any global.json):
Version: 8.0.200
Commit: 8473146e7d
Runtime Environment:
OS Name: Windows
OS Version: 10.0.18363
OS Platform: Windows
RID: win10-x64
Base Path: C:\Program Files\dotnet\sdk\6.0.300\
Host (useful for support):
Version: 8.0.3
Commit: 8473146e7d
.NET Core SDKs installed:
8.0.200 [C:\Program Files\dotnet\sdk]
.NET Core runtimes installed:
Microsoft.AspAspNetCore.App 8.0.3 [C:\Program Files\dotnet\shared\Microsoft.AspAspNetCore.App]
Microsoft.AspNetCore.App 8.0.3 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.WindowsDesktop.App 8.0.3 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
To install additional .NET Core runtimes or SDKs:
https://aka.ms/dotnet-download
- If you're using .NET 9.0, you should download and install .NET 9.0 RC 2 Runtime or .NET 9.0.100-rc.2.24474.11 SDK (for Visual Studio 2022 v17.12 latest Preview) from https://dotnet.microsoft.com/download/dotnet-core/9.0.
- If you're using .NET 8.0, you should download and install .NET 8.0.10 Runtime or .NET 8.0.110 SDK (for Visual Studio 2022 v17.8) from https://dotnet.microsoft.com/download/dotnet-core/8.0.
- If you're using .NET 6.0, you should download and install .NET 6.0.35 Runtime or .NET 6.0.135 SDK (for Visual Studio 2022 v17.6) from https://dotnet.microsoft.com/download/dotnet-core/6.0.
.NET 6.0 and .NET 8.0 updates are also available from Microsoft Update. To access this either type "Check for updates" in your Windows search, or open Settings, choose Update & Security and then click Check for Updates.
Once you have installed the updated runtime or SDK, restart your apps for the update to take effect.
Additionally, if you've deployed self-contained applications targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed.
Other Information
Reporting Security Issues
If you have found a potential security issue in .NET 8.0 or .NET 6.0, please email details to secure@microsoft.com. Reports may qualify for the Microsoft .NET Core & .NET 5 Bounty. Details of the Microsoft .NET Bounty Program including terms and conditions are at https://aka.ms/corebounty.
Support
You can ask questions about this issue on GitHub in the .NET GitHub organization. The main repos are located at https://github.com/dotnet/runtime and https://github.com/dotnet/aspnet/. The Announcements repo (https://github.com/dotnet/Announcements) will contain this bulletin as an issue and will include a link to a discussion issue. You can ask questions in the linked discussion issue.
Disclaimer
The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
External Links
Revisions
V1.0 (October 08, 2024): Advisory published.
Version 1.0
Last Updated 2024-10-08
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 9.0.0-rc.1.24431.7"
},
"package": {
"ecosystem": "NuGet",
"name": "System.Security.Cryptography.Cose"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0-preview.1.24080.9"
},
{
"fixed": "9.0.0-rc.2.24473.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 9.0.0-rc.1.24431.7"
},
"package": {
"ecosystem": "NuGet",
"name": "System.IO.Packaging"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0-preview.1.24080.9"
},
{
"fixed": "9.0.0-rc.2.24473.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 8.0.0"
},
"package": {
"ecosystem": "NuGet",
"name": "System.Security.Cryptography.Cose"
},
"ranges": [
{
"events": [
{
"introduced": "8.0.0-preview.1.23110.8"
},
{
"fixed": "8.0.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.0.0"
},
"package": {
"ecosystem": "NuGet",
"name": "System.IO.Packaging"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0-preview.1.21102.12"
},
{
"fixed": "6.0.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 8.0.0"
},
"package": {
"ecosystem": "NuGet",
"name": "System.IO.Packaging"
},
"ranges": [
{
"events": [
{
"introduced": "8.0.0-preview.1.23110.8"
},
{
"fixed": "8.0.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 8.0.0"
},
"package": {
"ecosystem": "NuGet",
"name": "Microsoft.Extensions.Caching.Memory"
},
"ranges": [
{
"events": [
{
"introduced": "8.0.0-preview.1.23110.8"
},
{
"fixed": "8.0.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 9.0.0-rc.1.24431.7"
},
"package": {
"ecosystem": "NuGet",
"name": "Microsoft.Extensions.Caching.Memory"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0-preview.1.24080.9"
},
{
"fixed": "9.0.0-rc.2.24473.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.0.1"
},
"package": {
"ecosystem": "NuGet",
"name": "Microsoft.Extensions.Caching.Memory"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0-preview.1.21102.12"
},
{
"fixed": "6.0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-43483"
],
"database_specific": {
"cwe_ids": [
"CWE-407"
],
"github_reviewed": true,
"github_reviewed_at": "2024-10-08T20:24:41Z",
"nvd_published_at": "2024-10-08T18:15:10Z",
"severity": "HIGH"
},
"details": "# Microsoft Security Advisory CVE-2024-43483 | .NET Denial of Service Vulnerability\n\n## \u003ca name=\"executive-summary\"\u003e\u003c/a\u003eExecutive summary\n\nMicrosoft is releasing this security advisory to provide information about a vulnerability in System.Security.Cryptography.Cose, System.IO.Packaging, Microsoft.Extensions.Caching.Memory. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.\n\nSystem.Security.Cryptography.Cose, System.IO.Packaging, Microsoft.Extensions.Caching.Memory may be exposed to a hostile input which may lead them to be susceptible to hash flooding attacks resulting in denial of service.\n\n## Announcement\n\nAnnouncement for this issue can be found at https://github.com/dotnet/announcements/issues/327\n\n## \u003ca name=\"mitigation-factors\"\u003e\u003c/a\u003eMitigation factors\n\nMicrosoft has not identified any mitigating factors for this vulnerability.\n\n## \u003ca name=\"affected-software\"\u003e\u003c/a\u003eAffected software\n\n* Any .NET 8.0 application running on .NET 8.0.8 or earlier.\n* Any .NET 6.0 aplication running on .NET 6.0.33 or earlier.\n* Any application consuming one of the [vulnerable packages](affected-packages).\n\n\n## \u003ca name=\"affected-packages\"\u003e\u003c/a\u003eAffected Packages\n* Any .NET 6.0, 8.0, or 9.0 application.\n* Any application consuming one of the vulnerable packages.\n\n### \u003ca name=\".NET 9 \"\u003e\u003c/a\u003e.NET 9\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[System.Security.Cryptography.Cose](https://www.nuget.org/packages/System.Security.Cryptography.Cose) | \u003e= 9.0.0-preview.1.24080.9, \u003c= 9.0.0-rc.1.24431.7 | 9.0.0-rc.2.24473.5\n[System.IO.Packaging](https://www.nuget.org/packages/System.IO.Packaging) | \u003e= 9.0.0-preview.1.24080.9, \u003c= 9.0.0-rc.1.24431.7 | 9.0.0-rc.2.24473.5\n[Microsoft.Extensions.Caching.Memory](https://www.nuget.org/packages/Microsoft.Extensions.Caching.Memory) | \u003e= 9.0.0-preview.1.24080.9, \u003c= 9.0.0-rc.1.24431.7 | 9.0.0-rc.2.24473.5\n\n### \u003ca name=\".NET 8\"\u003e\u003c/a\u003e.NET 8\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[System.Security.Cryptography.Cose](https://www.nuget.org/packages/System.Security.Cryptography.Cose) | \u003e= 8.0.0-preview.1.23110.8, \u003c= 8.0.0 | 8.0.1\n[System.IO.Packaging](https://www.nuget.org/packages/System.IO.Packaging) | \u003e= 8.0.0-preview.1.23110.8, \u003c= 8.0.0 | 8.0.1\n[Microsoft.Extensions.Caching.Memory](https://www.nuget.org/packages/Microsoft.Extensions.Caching.Memory) | \u003e= 8.0.0-preview.1.23110.8, \u003c= 8.0.0 | 8.0.1\n\n### \u003ca name=\".NET 6\"\u003e\u003c/a\u003e.NET 6\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[System.IO.Packaging](https://www.nuget.org/packages/System.IO.Packaging) | \u003e= 6.0.0-preview.1.21102.12, \u003c= 6.0.0 | 6.0.1\n[Microsoft.Extensions.Caching.Memory](https://www.nuget.org/packages/Microsoft.Extensions.Caching.Memory) | \u003e=6.0.0-preview.1.21102.12 \u003c= 6.0.1 | 6.0.2\n\n\n## Advisory FAQ\n\n### \u003ca name=\"how-affected\"\u003e\u003c/a\u003eHow do I know if I am affected?\n\nIf you have a runtime or SDK with a version listed, or an affected package listed in [affected software](#affected-packages) or [affected packages](#affected-software), you\u0027re exposed to the vulnerability.\n\n### \u003ca name=\"how-fix\"\u003e\u003c/a\u003eHow do I fix the issue?\n\n* To fix the issue please install the latest version of .NET 8.0 or .NET 6.0. If you have installed one or more .NET SDKs through Visual Studio, Visual Studio will prompt you to update Visual Studio, which will also update your .NET SDKs.\n* .NET Framework-based applications and other application types need to perform a package update.\n* If you have .NET 6.0 or greater installed, you can list the versions you have installed by running the `dotnet --info` command. You will see output like the following;\n\n```\n.NET Core SDK (reflecting any global.json):\n\n\n Version: 8.0.200\n Commit: 8473146e7d\n\nRuntime Environment:\n\n OS Name: Windows\n OS Version: 10.0.18363\n OS Platform: Windows\n RID: win10-x64\n Base Path: C:\\Program Files\\dotnet\\sdk\\6.0.300\\\n\nHost (useful for support):\n\n Version: 8.0.3\n Commit: 8473146e7d\n\n.NET Core SDKs installed:\n\n 8.0.200 [C:\\Program Files\\dotnet\\sdk]\n\n.NET Core runtimes installed:\n\n Microsoft.AspAspNetCore.App 8.0.3 [C:\\Program Files\\dotnet\\shared\\Microsoft.AspAspNetCore.App]\n Microsoft.AspNetCore.App 8.0.3 [C:\\Program Files\\dotnet\\shared\\Microsoft.AspNetCore.App]\n Microsoft.WindowsDesktop.App 8.0.3 [C:\\Program Files\\dotnet\\shared\\Microsoft.WindowsDesktop.App]\n\n\nTo install additional .NET Core runtimes or SDKs:\n https://aka.ms/dotnet-download\n```\n\n* If you\u0027re using .NET 9.0, you should download and install .NET 9.0 RC 2 Runtime or .NET 9.0.100-rc.2.24474.11 SDK (for Visual Studio 2022 v17.12 latest Preview) from https://dotnet.microsoft.com/download/dotnet-core/9.0.\n* If you\u0027re using .NET 8.0, you should download and install .NET 8.0.10 Runtime or .NET 8.0.110 SDK (for Visual Studio 2022 v17.8) from https://dotnet.microsoft.com/download/dotnet-core/8.0.\n* If you\u0027re using .NET 6.0, you should download and install .NET 6.0.35 Runtime or .NET 6.0.135 SDK (for Visual Studio 2022 v17.6) from https://dotnet.microsoft.com/download/dotnet-core/6.0.\n\n.NET 6.0 and .NET 8.0 updates are also available from Microsoft Update. To access this either type \"Check for updates\" in your Windows search, or open Settings, choose Update \u0026 Security and then click Check for Updates.\n\nOnce you have installed the updated runtime or SDK, restart your apps for the update to take effect.\n\nAdditionally, if you\u0027ve deployed [self-contained applications](https://docs.microsoft.com/dotnet/core/deploying/#self-contained-deployments-scd) targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed.\n\n## Other Information\n\n### Reporting Security Issues\n\nIf you have found a potential security issue in .NET 8.0 or .NET 6.0, please email details to secure@microsoft.com. Reports may qualify for the Microsoft .NET Core \u0026 .NET 5 Bounty. Details of the Microsoft .NET Bounty Program including terms and conditions are at \u003chttps://aka.ms/corebounty\u003e.\n\n### Support\n\nYou can ask questions about this issue on GitHub in the .NET GitHub organization. The main repos are located at https://github.com/dotnet/runtime and https://github.com/dotnet/aspnet/. The Announcements repo (https://github.com/dotnet/Announcements) will contain this bulletin as an issue and will include a link to a discussion issue. You can ask questions in the linked discussion issue.\n\n### Disclaimer\n\nThe information provided in this advisory is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.\n\n\n### External Links\n\n[CVE-2024-43483]( https://www.cve.org/CVERecord?id=CVE-2024-43483)\n\n### Revisions\n\nV1.0 (October 08, 2024): Advisory published.\n\n_Version 1.0_\n\n_Last Updated 2024-10-08_",
"id": "GHSA-qj66-m88j-hmgj",
"modified": "2024-10-14T20:42:13Z",
"published": "2024-10-08T20:24:41Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/dotnet/runtime/security/advisories/GHSA-qj66-m88j-hmgj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43483"
},
{
"type": "PACKAGE",
"url": "https://github.com/dotnet/runtime"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43483"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Microsoft Security Advisory CVE-2024-43483 | .NET Denial of Service Vulnerability"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.