PT-2022-37621 · Microsoft · .Net Framework+3

Published

2022-02-09

Updated

2022-02-09

CVE-2022-219862

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions .NET versions prior to 5.0.211 and 6.0.102

Description The issue is related to ASP.NET Core Krestel HTTP headers pooling denial of service. New versions of .NET that address this security issue are now available.

Recommendations For versions prior to 5.0.211, update to .NET SDK 5.0.211 and .NET Runtime 5.0.14. For versions prior to 6.0.102, update to .NET SDK 6.0.102 and .NET Runtime 6.0.2.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALSA-2022:0495

ALSA-2022:0496

CVE-2022-219862

Affected Products

.Net Framework

.Net Runtime

.Net Sdk

Asp.Net Core

PT-2022-37621 · Microsoft · .Net Framework+3

CVE-2022-219862

Related Identifiers

Affected Products

References · 4