CVE-2024-43499

HIGH

Published Nov 12, 2024 Modified Nov 19, 2024 CWE-409 CWE-606

Description

.NET and Visual Studio Denial of Service Vulnerability

CVSS v3.1 Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weakness Type (CWE)

CWE-409 CWE-409

CWE-606 CWE-606

Affected Products

Vendor	Product	Versions
microsoft	.net	All
apple	macos	All
linux	linux_kernel	All
microsoft	windows	All
microsoft	visual_studio_2022	17.6 — 17.6.21
microsoft	visual_studio_2022	17.8 — 17.8.16
microsoft	visual_studio_2022	17.10.0 — 17.10.9
microsoft	visual_studio_2022	17.11.0 — 17.11.6

References

Advisories & Patches

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43499

Frequently Asked Questions

What is CVE-2024-43499? +

.NET and Visual Studio Denial of Service Vulnerability It has a CVSS v3.1 base score of 7.5 (HIGH).

How severe is CVE-2024-43499? +

CVE-2024-43499 has a CVSS v3.1 score of 7.5 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.

What products are affected by CVE-2024-43499? +

CVE-2024-43499 affects products from apple, linux, microsoft, specifically: .net, linux_kernel, macos, visual_studio_2022, windows. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2024-43499? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-66019

pypdf is a free and open-source pure-python PDF library. Prior to version 6.4.0, an attacker who uses this vulnerability can …

CVE-2026-43970

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in ninenines cowlib allows unauthenticated remote denial of service via memory …

CVE-2026-44432 7.5

urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead …

CVE-2025-66471 7.5

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API …

CVE-2025-62708 7.5

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can …

CVE-2025-66909 7.5

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an image decompression bomb denial of service vulnerability. The ExtendedOpenCVImage class in ai/djl/opencv/ExtendedOpenCVImage.java …

Quick Facts

CVSS Score: 7.5
Severity: HIGH
Published: Nov 12, 2024

Scan for this vulnerability

Check if your website or infrastructure is affected by CVE-2024-43499.

Website Scan Port Scan

Browse CVEs

Critical High CISA KEV ! Most likely exploited →