Security Risk Category
unix-domain-socket Security Risks
Published vulnerability pages connected to unix-domain-socket. One risk can appear in multiple categories while keeping one canonical page.
unix-domain-socket risks
Showing 2 of 2 published risks.
CoreWCF Unix Domain Socket PosixIdentity Security Upgrade Bypass Vulnerability
CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service hosted on Unix Domain Sockets with PosixIdentity client credentials can accept connections that skip the application/unixposix stream upgrade before dispatching messages, bypassing framing-layer identity checks in UnixPosixIdentitySecurityUpgradeProvider. This issue is fixed in versions 1.8.1 and 1.9.1.
Updated Jul 10, 2026
CoreWCF Unix Domain Socket POSIX Identity Race Condition Vulnerability
CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF UnixDomainSocket POSIX peer identity resolution uses non-reentrant getpwuid and getgrgid calls, allowing concurrent connections to attribute one connection's identity to another or crash the host process under contention. This issue is fixed in versions 1.8.1 and 1.9.1.
Updated Jul 10, 2026
