CVE-2024-21319

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-21319
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-21319.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-21319
Aliases
Downstream
Related
Published
2024-01-09T19:15:12.070Z
Modified
2026-03-14T12:27:19.307306Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Microsoft Identity Denial of service vulnerability

References

Affected packages

Git / github.com/azuread/azure-activedirectory-identitymodel-extensions-for-dotnet

Affected ranges

Type
GIT
Repo
https://github.com/azuread/azure-activedirectory-identitymodel-extensions-for-dotnet
Events
Introduced
bf4cb251a85f1b27bbb208c703f6f3105bdb24ca
Fixed
a607fa5e0005a6178cf1d2fed4fa0f8179cdb186
Database specific 
{
    "versions": [
        {
            "introduced": "7.0.0"
        },
        {
            "fixed": "7.1.2"
        }
    ]
}
Type
GIT
Repo
https://github.com/dotnet/core
Events
Introduced
ee849590a02cc5cd61eff18aa64bf985ec45124d
Fixed
73deb1784e9f579ce38c044f8cad095c5d4e4f93
Introduced
63772e2191a750dd3cafa75914cacdb038c7520c
Fixed
73deb1784e9f579ce38c044f8cad095c5d4e4f93
Introduced
d78b3180414d35d6c7d136db753474e2ae2b33df
Fixed
73deb1784e9f579ce38c044f8cad095c5d4e4f93
Database specific 
{
    "versions": [
        {
            "introduced": "6.0.0"
        },
        {
            "fixed": "6.0.26"
        },
        {
            "introduced": "7.0.0"
        },
        {
            "fixed": "7.0.15"
        },
        {
            "introduced": "8.0.0"
        },
        {
            "fixed": "8.0.1"
        }
    ]
}

Affected versions

7.*
7.0.0
7.0.1
7.0.2
v3.*
v3.1.21
v3.1.22
v3.1.23
v3.1.24
v3.1.25
v3.1.26
v3.1.27
v3.1.28
v3.1.29
v3.1.30
v3.1.31
v3.1.32
v5.*
v5.0.12
v5.0.13
v5.0.14
v5.0.15
v5.0.16
v5.0.17
v6.*
v6.0.0
v6.0.1
v6.0.10
v6.0.11
v6.0.12
v6.0.13
v6.0.14
v6.0.15
v6.0.16
v6.0.18
v6.0.19
v6.0.2
v6.0.20
v6.0.21
v6.0.22
v6.0.23
v6.0.24
v6.0.25
v6.0.3
v6.0.4
v6.0.5
v6.0.6
v6.0.7
v6.0.8
v6.0.9
v7.*
v7.0.0
v7.0.0-preview.1
v7.0.0-preview.2
v7.0.0-preview.3
v7.0.0-preview.4
v7.0.0-preview.5
v7.0.0-preview.6
v7.0.0-preview.7
v7.0.0-rc.1
v7.0.0-rc.2
v7.0.1
v7.0.10
v7.0.11
v7.0.12
v7.0.13
v7.0.14
v7.0.2
v7.0.3
v7.0.4
v7.0.5
v7.0.7
v7.0.8
v7.0.9
v8.*
v8.0.0
v8.0.0-preview.1
v8.0.0-preview.2
v8.0.0-preview.3
v8.0.0-preview.4
v8.0.0-preview.5
v8.0.0-preview.6
v8.0.0-preview.7
v8.0.0-rc.1
v8.0.0-rc.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-21319.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "5.0.0"
            },
            {
                "fixed": "5.7.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "6.0.0"
            },
            {
                "fixed": "6.34.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "17.2.0"
            },
            {
                "fixed": "17.2.23"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "17.4.0"
            },
            {
                "fixed": "17.4.15"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "17.6.0"
            },
            {
                "fixed": "17.6.11"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "17.8.0"
            },
            {
                "fixed": "17.8.4"
            }
        ]
    }
]