GHSA-5633-f33j-c6f7

Source

https://github.com/advisories/GHSA-5633-f33j-c6f7

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-5633-f33j-c6f7/GHSA-5633-f33j-c6f7.json

Aliases

CVE-2018-8416

Published

2022-05-13T01:20:52Z

Modified

2023-11-08T04:00:28.161140Z

Details

A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NET Core Tampering Vulnerability." This affects .NET Core 2.1.

References

https://nvd.nist.gov/vuln/detail/CVE-2018-8416
https://github.com/dotnet/announcements/issues/95
https://github.com/github/advisory-database/issues/302
https://access.redhat.com/errata/RHSA-2018:3676
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8416

Affected packages

NuGet / Microsoft.NETCore.App

Package

Name: Microsoft.NETCore.App

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.1.0

Fixed

2.1.7

Affected versions

2.*

2.1.0

2.1.1

2.1.2

2.1.3

2.1.4

2.1.5

2.1.6