dotnet-host

Direct Vulnerabilities

Known vulnerabilities in the dotnet-host package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Out-of-bounds Write	<0:10.0.6-1.el9_7
H Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<0:10.0.6-1.el9_7
H Improper Neutralization of Special Elements	<0:10.0.6-1.el9_7
H Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<0:10.0.6-1.el9_7
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Allocation of Resources Without Limits or Throttling	*
M HTTP Request Smuggling	*
M Allocation of Resources Without Limits or Throttling	*
M Origin Validation Error	*
M Origin Validation Error	*
H Allocation of Resources Without Limits or Throttling	<0:10.0.4-1.el9_7
H Out-of-bounds Read	<0:10.0.4-1.el9_7
M Incorrect Default Permissions	*
M Unchecked Input for Loop Condition	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
H Embedded Malicious Code	*
C Improper Authorization	*
M Improper Authorization	*
M Uncontrolled Recursion	*
H CVE-2024-38081	*
H Allocation of Resources Without Limits or Throttling	*
M Insecure Temporary File	*
H HTTP Request Smuggling	*
H Cleartext Transmission of Sensitive Information	*
M Information Exposure Through Caching	*
M Improper Input Validation	*
M HTTP Request Smuggling	*
L HTTP Request Smuggling	*
H Uncontrolled Search Path Element	*
M CVE-2025-48068	*
M Cross-site Scripting (XSS)	*
L Race Condition	*
H Authentication Bypass	*
M Cross-site Scripting (XSS)	*
L Information Exposure	*
H Improper Privilege Management	*
H Algorithmic Complexity	*
H Algorithmic Complexity	*
H Algorithmic Complexity	*
H Use After Free	*
H CVE-2024-43499	*
H Incorrect Type Conversion or Cast	*
H Buffer Over-read	*
H Creation of Temporary File in Directory with Incorrect Permissions	*
H Improper Restriction of Names for Files and Other Resources	*
H Heap-based Buffer Overflow	*
M Allocation of Resources Without Limits or Throttling	*
M Cross-site Scripting (XSS)	*
M Information Exposure	<0:8.0.8-1.el9_4
M CVE-2024-38095	*
H CVE-2024-35264	*
H CVE-2024-30105	*
M Allocation of Resources Without Limits or Throttling	*
H Deadlock	<0:8.0.5-1.el9_4
H Out-of-Bounds	<0:8.0.5-1.el9_4
M Resource Exhaustion	*
M Resource Exhaustion	<0:8.0.3-2.el9_3
H CVE-2024-21386	<0:8.0.2-2.el9_3
H Resource Exhaustion	<0:8.0.2-2.el9_3
H Resource Exhaustion	<0:8.0.1-1.el9_3
H Unprotected Alternate Channel	<0:8.0.1-1.el9_3
H Improper Certificate Validation	<0:8.0.1-1.el9_3
M CVE-2023-36558	<0:8.0.0-2.el9_3
M Arbitrary Code Injection	<0:8.0.0-2.el9_3
H Reversible One-Way Hash	*
H Resource Exhaustion	<0:7.0.12-1.el9_2
M Resource Exhaustion	<0:7.0.13-1.el9_2
H Resource Exhaustion	<0:7.0.10-1.el9_2
H CVE-2023-35390	<0:7.0.10-1.el9_2
H Race Condition	<0:7.0.9-1.el9_2
H CVE-2023-32032	<0:7.0.7-1.el9_2
H CVE-2023-33128	<0:7.0.7-1.el9_2
H CVE-2023-29337	<0:7.0.7-1.el9_2
H CVE-2023-29331	<0:7.0.7-1.el9_2
H CVE-2023-24936	<0:7.0.7-1.el9_2
M Inefficient Regular Expression Complexity	*
M Information Exposure Through Caching	<0:7.0.0-0.5.rc2.el9_1
M Resource Exhaustion	<0:6.0.9-1.el9_0
M XML External Entity (XXE) Injection	<0:6.0.8-1.el9_0
M Open Redirect	*
M Improper Cross-boundary Removal of Sensitive Data	<0:6.0.6-1.el9_0
M Exposure of Private Information ('Privacy Violation')	<0:6.0.7-1.el9_0
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:6.0.5-1.el9_0
H Reliance on Cookies without Validation and Integrity Checking	<0:6.0.5-1.el9_0
H Allocation of Resources Without Limits or Throttling	<0:6.0.5-1.el9_0

Vulnerability

Vulnerable Version

Out-of-bounds Write

<0:10.0.6-1.el9_7