CVE-2022-24512

CWE-120Classic Buffer Overflow8 documents7 sources
Severity
6.3MEDIUM
EPSS
0.2%
top 53.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
16
Microsoft .net 5.0Microsoft .net 6.0Microsoft .net Core 3.1+13 more
Timeline
PublishedMar 9
Latest updateOct 18

Description

.NET and Visual Studio Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages130 packages

NVDmicrosoft/visual_studio_201916.7.016.7.26+5
NVDmicrosoft/visual_studio_202217.017.0.7

Also affects: Fedora 34, 35, 36

Patches

Patch: msrc.microsoft.comPatch: msrc.microsoft.com

🔴Vulnerability Details

3
OSV
.NET Remote Code Execution Vulnerability2022-10-18
GHSA
.NET Remote Code Execution Vulnerability2022-10-18
CVEList
.NET and Visual Studio Remote Code Execution Vulnerability2022-03-09

📋Vendor Advisories

2
Microsoft
.NET and Visual Studio Remote Code Execution Vulnerability2022-03-08
Red Hat
dotnet: double parser stack buffer overrun2022-03-08
CVE-2022-24512 (MEDIUM CVSS 6.3) | .NET and Visual Studio Remote Code | cvebase.io