CVE-2024-43483

HIGH

Published Oct 8, 2024 Modified Oct 21, 2024 CWE-407

Description

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

CVSS v3.1 Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weakness Type (CWE)

CWE-407 CWE-407

Affected Products

Vendor	Product	Versions
microsoft	.net_framework	All
microsoft	.net_framework	All
microsoft	windows_10_21h2	All
microsoft	windows_10_22h2	All
microsoft	windows_11_22h2	All
microsoft	windows_11_23h2	All
microsoft	windows_11_24h2	All
microsoft	windows_server_2022	All
microsoft	windows_server_2022_23h2	All
microsoft	.net_framework	All
microsoft	.net_framework	All
microsoft	windows_10_1809	All
microsoft	windows_10_21h2	All
microsoft	windows_10_22h2	All
microsoft	windows_11_21h2	All
microsoft	windows_server_2019	All
microsoft	windows_server_2022	All
microsoft	.net_framework	All
microsoft	windows_server_2008	All
microsoft	windows_server_2008	All
microsoft	windows_server_2012	All
microsoft	windows_server_2012	All
microsoft	.net_framework	All
microsoft	windows_10_1607	All
microsoft	windows_10_1607	All
microsoft	windows_server_2008	All
microsoft	windows_server_2012	All
microsoft	windows_server_2012	All
microsoft	windows_server_2016	All
microsoft	.net_framework	All
microsoft	.net_framework	All
microsoft	windows_10_1809	All
microsoft	windows_server_2019	All
microsoft	.net_framework	All
microsoft	windows_server_2008	All
microsoft	.net_framework	All
microsoft	windows_server_2008	All
microsoft	windows_server_2008	All
microsoft	.net_framework	All
microsoft	.net_framework	All
microsoft	.net_framework	All
microsoft	.net_framework	All
microsoft	windows_server_2008	All
microsoft	windows_server_2012	All
microsoft	windows_server_2012	All
microsoft	.net_framework	All
microsoft	.net_framework	All
microsoft	windows_10_1507	All
microsoft	.net_framework	All
microsoft	windows_server_2008	All
microsoft	windows_server_2008	All
microsoft	.net_framework	All
microsoft	windows_server_2008	All
microsoft	windows_server_2008	All
microsoft	.net	6.0.0 — 6.0.35
microsoft	.net	8.0.0 — 8.0.10
apple	macos	All
linux	linux_kernel	All
microsoft	windows	All
microsoft	visual_studio_2022	17.6 — 17.6.20
microsoft	visual_studio_2022	17.8 — 17.8.15
microsoft	visual_studio_2022	17.10 — 17.10.8
microsoft	visual_studio_2022	17.11 — 17.11.5

References

Advisories & Patches

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43483

Frequently Asked Questions

What is CVE-2024-43483? +

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability It has a CVSS v3.1 base score of 7.5 (HIGH).

How severe is CVE-2024-43483? +

CVE-2024-43483 has a CVSS v3.1 score of 7.5 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.

What products are affected by CVE-2024-43483? +

CVE-2024-43483 affects products from apple, linux, microsoft, specifically: .net, .net_framework, linux_kernel, macos, visual_studio_2022, windows, windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_21h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_server_2008, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2024-43483? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2026-42245

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has …

CVE-2026-43967

Inefficient Algorithmic Complexity vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via quadratic fragment-name uniqueness validation. 'Elixir.Absinthe.Phase.Document.Validation.UniqueFragmentNames':run/2 iterates over …

CVE-2026-44378

Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause …

CVE-2026-40476

graphql-go is a Go implementation of GraphQL. In versions 15.31.4 and below, the OverlappingFieldsCanBeMerged validation rule performs O(n²) pairwise comparisons …

CVE-2026-48959

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward() compares length $offset (the …

CVE-2026-42304 7.5

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to …

Quick Facts

CVSS Score: 7.5
Severity: HIGH
Published: Oct 8, 2024

Scan for this vulnerability

Check if your website or infrastructure is affected by CVE-2024-43483.

Website Scan Port Scan

Browse CVEs

Critical High CISA KEV ! Most likely exploited →