1. Kestrel Server Flaw in .NET 6.0 and 5.0 Allows Remote Denial-of-Service, Microsoft Warns
Microsoft has issued a security advisory for CVE-2022-21986, a Denial-of-Service vulnerability affecting .NET 6.0 and .NET 5.0 applications that use the Kestrel web server. The flaw allows remote attackers to crash or disable applications by sending specially crafted HTTP/2 and HTTP/3 requests. Security researchers are...