Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET 6.0, ASP.NET 7.0 and, ASP.NET 8.0 . This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.
A vulnerability exists in ASP.NET applications using SignalR where a malicious client can result in a denial-of-service.
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
ASP.NET and Visual Studio Security Feature Bypass Vulnerability