CVE-2018-8356

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-8356
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-8356.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-8356
Aliases
Published
2018-07-11T00:29:02Z
Modified
2024-09-03T02:35:38.047437Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

References

Affected packages

Git / github.com/dotnet/aspnetcore

Affected ranges

Type
GIT
Repo
https://github.com/dotnet/aspnetcore
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Last affected
Last affected
Last affected
Type
GIT
Repo
https://github.com/dotnet/core
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Last affected
Last affected
Last affected
Type
GIT
Repo
https://github.com/powershell/powershell
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected

Affected versions

1.*

1.0.0
1.0.0-rc2
1.0.0-rc2-final

Other

SD/688741
SD/692351
SD/693793
SD/695331
SD/700586
SD/704605
SD/706766
SD/709766
SD/709776
SD/715912
SD/717473
SD/725290

v0.*

v0.1.0
v0.2.0
v0.3.0
v0.4.0
v0.5.0
v0.6.0

v1.*

v1.0.0
v1.0.0-alpha2
v1.0.0-alpha3
v1.0.0-beta4
v1.0.0-beta5
v1.0.0-beta6
v1.0.0-beta7
v1.0.0-beta8
v1.0.0-rc1
v1.0.0-rc1-final
v1.0.0-rc1-update1
v1.0.0-rc2
v1.0.1
v1.0.2
v1.1
v1.1.0
v1.1.0-preview1

v6.*

v6.0.0
v6.0.0-alpha.10
v6.0.0-alpha.11
v6.0.0-alpha.12
v6.0.0-alpha.13
v6.0.0-alpha.14
v6.0.0-alpha.16
v6.0.0-alpha.17
v6.0.0-alpha.18
v6.0.0-alpha.7
v6.0.0-alpha.8
v6.0.0-alpha.9
v6.0.0-beta.1
v6.0.0-beta.2
v6.0.0-beta.3
v6.0.0-beta.5
v6.0.0-beta.6
v6.0.0-beta.7
v6.0.0-beta.8
v6.0.0-beta.9
v6.0.0-rc
v6.0.0-rc.2