简体繁体中英

Difference vulnerability between .net core and .net framework

原文 2018-11-20 15:06:57 2 1 .net/ security/ .net-core/ nuget

I don't understand why with the old .net Framework, the recomandation for vulnerability is to update only windows and not the nuget package. But for the .net core, the recommandation is to update nuget package. I search are an article that explain the difference between fix vulnerability between .net core and .net framwork.

Sample:

https://www.cvedetails.com/cve/CVE-2018-8421/ (only update Windows, why not nuget too ?) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8356 (update nuget for .net core, update OS for .net framework)

1 answers

The full .NET Framework at it's core does not have NuGet packages. It's one block of Framework that you got with your operating system. You can write a fully functional program without a single package. So if there is a vulnerability, you have to update this block that comes with your operating system.

.NET Core is a huge collection of NuGet packages at it's core. It does not come installed as one huge block. So you can update only a few packages. There is nothing that would come with the operating system that you could update.

Difference between ASP.NET Core (.NET Core) and ASP.NET Core (.NET Framework)

Difference in lambda expressions between full .NET framework and .NET Core

What's the difference between .NET Core, .NET Framework, and Xamarin?

Difference Between .Net FrameWork and .Net Mono FrameWork

What is the difference between creating a project ASP.NET Core (.NET Core) and ASP.NET Core (.NET Framework)

What is the difference between ASP.NET MVC 6 and ASP.NET Core 1.0 and the reason behind the core framework?

Difference between .NET Framework versus .NET Standard?

What is the difference between a .NET framework DLL and a .NET core DLL? Why do they need seperate runtimes?

Difference between using the ASP.NET Core Web Application (.NET Core) with net461 set as the only framework and using the (.NET Framework) template

Difference between Asp.Net Core 1.0 and .Net Core 1.0?

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Difference between ASP.NET Core (.NET Core) and ASP.NET Core (.NET Framework) Difference in lambda expressions between full .NET framework and .NET Core What's the difference between .NET Core, .NET Framework, and Xamarin? Difference Between .Net FrameWork and .Net Mono FrameWork What is the difference between creating a project ASP.NET Core (.NET Core) and ASP.NET Core (.NET Framework) What is the difference between ASP.NET MVC 6 and ASP.NET Core 1.0 and the reason behind the core framework? Difference between .NET Framework versus .NET Standard? What is the difference between a .NET framework DLL and a .NET core DLL? Why do they need seperate runtimes? Difference between using the ASP.NET Core Web Application (.NET Core) with net461 set as the only framework and using the (.NET Framework) template Difference between Asp.Net Core 1.0 and .Net Core 1.0?

Related Tags

Difference vulnerability between .net core and .net framework

Question

1 answers

solution1 3 2018-11-20 15:38:04

solution1
3 2018-11-20 15:38:04