CVE-2021-31957
ASP.NET Core Denial of Service Vulnerability
7.5
HIGH
CVSS 3.1
EPSS 9.0%
Description
ASP.NET Core Denial of Service Vulnerability
How to fix CVE-2021-31957
To remediate CVE-2021-31957, upgrade the affected package to a fixed version below.
- Bitnami/dotnet—upgrade to 5.0.7 or later
- Bitnami/dotnet-sdk—upgrade to 5.0.7 or later
Is CVE-2021-31957 being exploited?
Moderate — EPSS is 9.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- >= 5.0.0, < 5.0.7
- >= 5.0.0, < 5.0.7
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
References (6)
- WEBlists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4PRVVLXXQEF4SEJOBV3VRJHGX7YHY2CG/
- WEBlists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVCDYIP4A6DDRT7G6P3ZW6PKNK2DNWJ2/
- WEBlists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMHWHRRYDHKM6BIINW5V7OCSW4SDWB4W/