CVE-2024-21404: .NET Denial of Service Vulnerability

Overview

Severity: High (CVSS 7.5)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Category: Denial of Service
Exploit Status: Not Exploited
Exploitation Likelihood: Less Likely
Patch Tuesday: 2024-Feb
Released: 2024-02-13
EPSS Score: 2.91% (percentile: 86.4%)

Affected Products (6)

Developer Tools

.NET 6.0
.NET 7.0
.NET 8.0
Microsoft Visual Studio 2022 version 17.4
Microsoft Visual Studio 2022 version 17.6
Microsoft Visual Studio 2022 version 17.8

Security Updates (6)

Acknowledgments

Bahaa Naamneh with Crosspoint Labs

Revision History

2024-02-13: Information published.