MS .NET Framework DoS Vulnerability (CVE-2023-21538): CVE-2023-21538 January 2023

MS .NET Framework DoS Vulnerability (CVE-2023-21538)
CVE-2023-21538 Published on January 10, 2023

.NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE-2023-21538 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.

Products Associated with CVE-2023-21538

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-21538 are published in these products:

Affected Versions

Version 6.0.0 and below 6.0.13 is affected.

Version 7.2.0 and below 7.2.9 is affected.

Vulnerable Packages

The following package name and versions may be associated with CVE-2023-21538

Package Manager	Vulnerable Package	Versions	Fixed In
nuget	Microsoft.NetCore.App.Runtime.linux-arm	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.linux-arm64	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.linux-musl-arm	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.linux-musl-arm64	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.linux-musl-x64	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.linux-x64	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.osx-arm64	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.osx-x64	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.win-arm	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.win-arm64	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.win-x64	>= 6.0.0, < 6.0.13	6.0.13
nuget	Microsoft.NetCore.App.Runtime.win-x86	>= 6.0.0, < 6.0.13	6.0.13

Package Manager

Vulnerable Package

Versions

Fixed In

nuget

Microsoft.NetCore.App.Runtime.linux-arm

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.linux-arm64

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.linux-musl-arm

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.linux-musl-arm64

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.linux-musl-x64

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.linux-x64

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.osx-arm64

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.osx-x64

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.win-arm

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.win-arm64

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.win-x64

>= 6.0.0, < 6.0.13

6.0.13

nuget

Microsoft.NetCore.App.Runtime.win-x86

>= 6.0.0, < 6.0.13

6.0.13

Exploit Probability

EPSS

0.64%

Percentile

70.35%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

MS .NET Framework DoS Vulnerability (CVE-2023-21538)CVE-2023-21538 Published on January 10, 2023

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

Products Associated with CVE-2023-21538

Affected Versions

Vulnerable Packages

Exploit Probability

MS .NET Framework DoS Vulnerability (CVE-2023-21538)
CVE-2023-21538 Published on January 10, 2023