CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
High |
||
.NET and Visual Studio Denial of Service Vulnerability | 7.5 |
High |
||
.NET and Visual Studio Denial of Service Vulnerability | 7.5 |
High |
||
.NET and Visual Studio Denial of Service Vulnerability | 7.5 |
High |
||
Visual Studio Elevation of Privilege Vulnerability | 7.8 |
High |
||
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. | 6.5 |
Medium |