GSA_kwCzR0hTQS1yeGc5LXhyaHAtNjRnas4AAnr8

Critical EPSS: 0.00755% (0.72277 Percentile) EPSS:

Permalink JSON

.NET Core Remote Code Execution Vulnerability

Affected Packages	Affected Versions	Fixed Versions
nuget:System.Drawing.Common	>= 5.0.0, < 5.0.3, >= 4.0.0, < 4.7.2	5.0.3, 4.7.2
2,621 Dependent packages 13 Dependent repositories 2,056,853,589 Downloads total Affected Version Ranges All affected versions 4.0.0, 4.5.0, 4.5.1, 4.5.2, 4.6.0, 4.6.1, 4.6.2, 4.7.0, 4.7.1, 5.0.0, 5.0.1, 5.0.2 All unaffected versions 4.7.2, 4.7.3, 5.0.3, 6.0.0, 7.0.0, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.0.7, 8.0.8, 8.0.10, 8.0.11, 8.0.12, 8.0.13, 8.0.14, 8.0.15, 8.0.16, 8.0.17, 8.0.18, 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6, 9.0.7

A remote code execution vulnerability exists when parsing certain types of graphics files. This vulnerability only exists on systems running on MacOS or Linux. This CVE ID is unique from CVE-2021-26701.

References:

https://nvd.nist.gov/vuln/detail/CVE-2021-24112
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24112
https://github.com/dotnet/announcements/issues/176
https://github.com/advisories/GHSA-rxg9-xrhp-64gj

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories

GSA_kwCzR0hTQS1yeGc5LXhyaHAtNjRnas4AAnr8

.NET Core Remote Code Execution Vulnerability

Affected Version Ranges

All affected versions

All unaffected versions

Identifiers

Risk

Severity

EPSS

Classification

Source

Origin

Date and time

Published

Updated

API