Advisories for Nuget/Microsoft.Bcl.Memory package

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0 and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A denial of service vulnerability exists in .NET and Microsoft.Bcl.Memory due to an out-of-bounds read when decoding malformed Base64Url input.

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-73j8-2gch-69rq. This link is maintained to preserve external references. Original Description Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.