CVE-2024-21386

.NET Denial of Service Vulnerability

Published: Feb 13, 2024
Updated: May 4, 2025
CVE: CVE-2024-21386
GHSA: GHSA-g74q-5xw3-j7q9
Severity: Critical
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
Microsoft.AspNetCore.App.Runtime.linux-arm	-	6.0.27
Microsoft.AspNetCore.App.Runtime.linux-arm64	-	6.0.27
Microsoft.AspNetCore.App.Runtime.linux-musl-arm	-	6.0.27
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64	-	6.0.27
Microsoft.AspNetCore.App.Runtime.linux-musl-x64	-	6.0.27
Microsoft.AspNetCore.App.Runtime.linux-x64	-	6.0.27
Microsoft.AspNetCore.App.Runtime.osx-arm64	-	6.0.27
Microsoft.AspNetCore.App.Runtime.osx-x64	-	6.0.27
Microsoft.AspNetCore.App.Runtime.win-arm	-	6.0.27
Microsoft.AspNetCore.App.Runtime.win-arm64	-	6.0.27
Microsoft.AspNetCore.App.Runtime.win-x64	-	6.0.27
Microsoft.AspNetCore.App.Runtime.win-x86	-	6.0.27
Microsoft.AspNetCore.App.Runtime.linux-arm	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.linux-arm64	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.linux-musl-arm	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.linux-musl-x64	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.linux-x64	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.osx-arm64	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.osx-x64	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.win-arm	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.win-arm64	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.win-x64	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.win-x86	7.0.0	7.0.16
Microsoft.AspNetCore.App.Runtime.linux-arm	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.linux-arm64	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.linux-musl-arm	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.linux-musl-x64	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.linux-x64	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.osx-arm64	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.osx-x64	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.win-arm	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.win-arm64	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.win-x64	8.0.0	8.0.2
Microsoft.AspNetCore.App.Runtime.win-x86	8.0.0	8.0.2
microsoft / asp.net_core	8.0.0	8.0.2
microsoft / asp.net_core	7.0.0	7.0.16
microsoft / asp.net_core	6.0.0	6.0.27
microsoft / visual_studio_2022	17.6.0	17.6.12
microsoft / visual_studio_2022	17.4.0	17.4.16
microsoft / visual_studio_2022	17.8.0	17.8.7

Vulnerability Database

289,598

CVE-2024-21386