{"id":"CVE-2024-21319","details":"Microsoft Identity Denial of service vulnerability","aliases":["BIT-dotnet-2024-21319","BIT-dotnet-sdk-2024-21319","GHSA-59j7-ghrg-fj52"],"modified":"2026-04-10T05:09:25.592676Z","published":"2024-01-09T19:15:12.070Z","related":["ALSA-2024:0150","ALSA-2024:0151","ALSA-2024:0152","ALSA-2024:0156","ALSA-2024:0157","ALSA-2024:0158","CGA-qp84-j23m-h4c8"],"references":[{"type":"FIX","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21319"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/azuread/azure-activedirectory-identitymodel-extensions-for-dotnet","events":[{"introduced":"0"},{"fixed":"4a329087c3caa42177be407058bbbd373174a458"},{"introduced":"0"},{"fixed":"edcac4427888840847c65695e4e5a80516664869"},{"introduced":"bf4cb251a85f1b27bbb208c703f6f3105bdb24ca"},{"fixed":"a607fa5e0005a6178cf1d2fed4fa0f8179cdb186"}],"database_specific":{"versions":[{"introduced":"5.0.0"},{"fixed":"5.7.0"},{"introduced":"6.0.0"},{"fixed":"6.34.0"},{"introduced":"7.0.0"},{"fixed":"7.1.2"}]}},{"type":"GIT","repo":"https://github.com/dotnet/core","events":[{"introduced":"ee849590a02cc5cd61eff18aa64bf985ec45124d"},{"fixed":"73deb1784e9f579ce38c044f8cad095c5d4e4f93"},{"introduced":"63772e2191a750dd3cafa75914cacdb038c7520c"},{"fixed":"73deb1784e9f579ce38c044f8cad095c5d4e4f93"},{"introduced":"d78b3180414d35d6c7d136db753474e2ae2b33df"},{"fixed":"73deb1784e9f579ce38c044f8cad095c5d4e4f93"}],"database_specific":{"versions":[{"introduced":"6.0.0"},{"fixed":"6.0.26"},{"introduced":"7.0.0"},{"fixed":"7.0.15"},{"introduced":"8.0.0"},{"fixed":"8.0.1"}]}}],"versions":["5.3.0","5.4.0","6.10.1","6.11.0","6.11.1","6.12.0","6.12.1","6.12.2","6.13.0","6.13.1","6.14.1","6.15.1","6.16.0","6.17.0","6.18.0","6.19.0","6.20.0","6.22.1","6.23.0","6.23.1","6.24.0","6.25.0","6.25.1","6.26.0","6.27.0","6.28.0","6.28.1","6.29.0","6.30.0","6.30.1","6.31.0","6.32.1","6.32.2","6.32.3","6.5.0","6.5.1","6.6.0","6.7.0","6.7.1","6.9.0","v6.0.25","v6.32.0","v6.33.0","v6.5.0","v7.0.14","v8.0.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-21319.json","unresolved_ranges":[{"events":[{"introduced":"17.2.0"},{"fixed":"17.2.23"}]},{"events":[{"introduced":"17.4.0"},{"fixed":"17.4.15"}]},{"events":[{"introduced":"17.6.0"},{"fixed":"17.6.11"}]},{"events":[{"introduced":"17.8.0"},{"fixed":"17.8.4"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}]}