Microsoft Powershell 7.0 vulnerabilities

6 known vulnerabilities affecting microsoft/powershell_7.0.

Total CVEs

6

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH3MEDIUM3

Vulnerabilities

Page 1 of 1

CVE-2022-23267HIGHCVSS 7.5≥ 7.0.0, < 7.0.112022-05-10

CVE-2022-23267 [HIGH] CVE-2022-23267: .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability

CVE-2022-26788HIGHCVSS 7.8≥ 7.0.0, < 7.0.102022-04-15

CVE-2022-26788 [HIGH] PowerShell Elevation of Privilege Vulnerability PowerShell Elevation of Privilege Vulnerability PowerShell Elevation of Privilege Vulnerability

CVE-2022-24512MEDIUMCVSS 6.3≥ 7.0.0, < 7.0.92022-03-09

CVE-2022-24512 [MEDIUM] CVE-2022-24512: .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability

CVE-2021-34485MEDIUMCVSS 5.5≥ 7.0.0, < 7.0.72021-08-12

CVE-2021-34485 [MEDIUM] CVE-2021-34485: .NET Core and Visual Studio Information Disclosure Vulnerability .NET Core and Visual Studio Information Disclosure Vulnerability

CVE-2020-0951MEDIUMCVSS 6.7≥ 7.0.0, < 7.0.82020-09-11

CVE-2020-0951 [MEDIUM] CVE-2020-0951: <p>A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) whi A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. To exploit the vulnerability, an attacker need administrator access on a local machine

CVE-2020-1108HIGHCVSS 7.5vunspecified2020-05-21

CVE-2020-1108 [HIGH] CVE-2020-1108: A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web req A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.