Johan Gorter discovered that .NET 6 incorrectly processed certain invalid HTTP requests. An attacker could possibly use this issue to cause a denial of service condition for an exposed endpoint.
{ "availability": "No subscription needed", "binaries": [ { "dotnet-host": "6.0.113-0ubuntu1~22.04.1", "dotnet-templates-6.0": "6.0.113-0ubuntu1~22.04.1", "dotnet-hostfxr-6.0": "6.0.113-0ubuntu1~22.04.1", "dotnet-sdk-6.0-source-built-artifacts": "6.0.113-0ubuntu1~22.04.1", "dotnet-runtime-6.0": "6.0.113-0ubuntu1~22.04.1", "dotnet-sdk-6.0": "6.0.113-0ubuntu1~22.04.1", "aspnetcore-runtime-6.0": "6.0.113-0ubuntu1~22.04.1", "netstandard-targeting-pack-2.1": "6.0.113-0ubuntu1~22.04.1", "dotnet6": "6.0.113-0ubuntu1~22.04.1", "aspnetcore-targeting-pack-6.0": "6.0.113-0ubuntu1~22.04.1", "dotnet-apphost-pack-6.0": "6.0.113-0ubuntu1~22.04.1", "dotnet-targeting-pack-6.0": "6.0.113-0ubuntu1~22.04.1" } ] }