CVE-2021-24112

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: .NET Core (affected versions not specified)

Description: The issue is related to insufficient input validation in the .NET Core platform, which can be exploited by a remote attacker to execute arbitrary code. It is specifically noted that this vulnerability can be triggered when parsing certain types of graphics files, and it only affects systems running on MacOS or Linux.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALT-PU-2021-1356

ALT-PU-2021-1357

ALT-PU-2021-1358

ALT-PU-2021-1359

ALT-PU-2021-1363

BDU:2021-00929

BIT-DOTNET-2021-24112

BIT-DOTNET-SDK-2021-24112

CVE-2021-24112

GHSA-RXG9-XRHP-64GJ

OPENSUSE-SU-2024:11556-1

Affected Products

Alt Linux

Net Core

CVE-2021-24112

Weakness Enumeration

Related Identifiers

Affected Products

References · 19