CVE-2023-36558
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in nuget/Microsoft.AspNetCore.Components
Identifiers
GHSA-3fx3-85r4-8j3w, CVE-2023-36558
Package Slug
nuget/Microsoft.AspNetCore.Components
Vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
ASP.NET Core - Security Feature Bypass Vulnerability
Affected Versions
All versions starting from 6.0.0 up to 6.0.24, all versions starting from 7.0.0 up to 7.0.13, version 8.0.0-rc.2.23480.2
Solution
Upgrade to versions 7.0.14, 8.0.0, 6.0.25 or above.
Last Modified
2023-11-16
| source |