CVE-2022-24464

HIGH

.NET 5.0-5.0.13 and .NET Core 3.1-3.1.21 - Denial of Service

Title source: llm
STIX 2.1

Description

.NET and Visual Studio Denial of Service Vulnerability

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0331
EPSS Percentile 87.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-400
Status published
Products (47)
fedoraproject/fedora 34
fedoraproject/fedora 35
fedoraproject/fedora 36
microsoft/.net 5.0 - 5.0.14
Microsoft/.NET 5.0 5.0.0 - 5.0.15
Microsoft/.NET 6.0 6.0.0 - 6.0.3
Microsoft/.NET Core 3.1 3.1 - 3.1.23
microsoft/.net_core 3.1 - 3.1.22
Microsoft/Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) 16.11.0 - 16.11.11
Microsoft/Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) 16.0.0 - 16.7.26
... and 37 more
Published Mar 09, 2022
Tracked Since Feb 18, 2026