Description
.NET and Visual Studio Denial of Service Vulnerability
References (5)
Core 5
Core References
Vendor Advisory vendor-advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117
Patch, Vendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/
Scores
CVSS v3
7.5
EPSS
0.0491
EPSS Percentile
91.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-400
Status
published
Products (30)
fedoraproject/fedora
34
fedoraproject/fedora
35
fedoraproject/fedora
36
microsoft/.net
5.0
microsoft/.net
6.0.0
Microsoft/.NET 5.0
5.0.0 - 5.0.17
Microsoft/.NET 6.0
6.0.0 - 6.0.5
Microsoft/.NET Core 3.1
3.1 - 3.1.25
microsoft/.net_core
3.1
Microsoft/Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
16.11.0 - 16.11.14
... and 20 more
Published
May 10, 2022
Tracked Since
Feb 18, 2026