Jul 2024: .NET and Visual Studio Denial of Service Vulnerability
CVE-2024-30105 Published on July 9, 2024
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
Weakness Type
What is a Resource Exhaustion Vulnerability?
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVE-2024-30105 has been classified to as a Resource Exhaustion vulnerability or weakness.
Products Associated with CVE-2024-30105
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-30105 are published in these products:
Affected Versions
Microsoft .NET 8.0:- Version 8.0 and below 8.0.7 is affected.
- Version 7.4.0 and below 7.4.4 is affected.
- Version 17.4.0 and below 17.4.21 is affected.
- Version 17.6.0 and below 17.6.17 is affected.
- Version 17.10 and below 17.10.4 is affected.
- Version 17.8.0 and below 17.8.12 is affected.
Vulnerable Packages
The following package name and versions may be associated with CVE-2024-30105
| Package Manager | Vulnerable Package | Versions | Fixed In |
|---|---|---|---|
| nuget | System.Text.Json | >= 4.6.0-preview6.19259.10, < 8.0.4 | 8.0.4 |
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.