Msrc Microsoft Visual Studio 2022 Version 17.1 vulnerabilities

CVE-2022-29117 [HIGH] .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio: .NET and Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5014330 Reference

CVE-2022-29145 [HIGH] .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio: .NET and Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5014330 Reference

CVE-2022-23267 [HIGH] .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio: .NET and Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5014326 Reference

CVE-2022-24513 [HIGH] Visual Studio Elevation of Privilege Vulnerability Visual Studio Elevation of Privilege Vulnerability Visual Studio: Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Remediation: Release Notes Reference: http://aka.ms/vs/15/release/latest Reference: https://docs.microsoft.co

CVE-2022-24765 [MEDIUM] GitHub: Uncontrolled search for the Git directory in Git for Windows GitHub: Uncontrolled search for the Git directory in Git for Windows FAQ: Why is this GitHub CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Git for Windows software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Upda

CVE-2022-24767 [HIGH] GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account FAQ: Why is this GitHub CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Git for Windows software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds

CVE-2022-1096 [HIGH] Chromium: CVE-2022-1096 Type Confusion in V8 Chromium: CVE-2022-1096 Type Confusion in V8 Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2022-1096 exists in the wild. FAQ: Why were Visual Studio 2022 version 17.0 and Visual Studio 2022 version 17.1 added to this Chrome CVE for Microsoft Edge? Th

CVE-2020-8927 [MEDIUM] Brotli Library Buffer Overflow Vulnerability Brotli Library Buffer Overflow Vulnerability FAQ: Why is this Google LLC CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in the Brotli library which is consumed by .NET and by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of .NET and Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigne

CVE-2021-43877 [HIGH] ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability ASP.NET Core & Visual Studio: ASP.NET Core & Visual Studio Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Remediation: Release Notes Reference: https://my.visualstudio.com/Dow

CVE-2021-3711 [CRITICAL] OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow FAQ: Why is this OpenSSL Software Foundation CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Support