Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.11

Type nuget

Namespace

Name Microsoft.AspNetCore.App.Runtime.linux-musl-arm

Version 5.0.11

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 6.0.27

Latest_non_vulnerable_version 10.0.8

Affected_by_vulnerabilities

url VCID-4ycx-mrvt-b7du

vulnerability_id VCID-4ycx-mrvt-b7du

summary This advisory has been marked as False-Positive and removed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24464.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24464.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24464

reference_id

reference_type

scores

value	0.0064
scoring_system	epss
scoring_elements	0.70973
published_at	2026-06-07T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70941
published_at	2026-06-04T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70983
published_at	2026-06-05T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.7099
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24464

reference_url

https://github.com/dotnet/announcements/issues/212

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/212

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-cw98-9j8w-wxv9

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-cw98-9j8w-wxv9

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:00:22Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2061847
reference_id	2061847
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2061847

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-24464

reference_id

CVE-2022-24464

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-24464

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464

reference_id

CVE-2022-24464

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464

reference_url

https://github.com/advisories/GHSA-cw98-9j8w-wxv9

reference_id

GHSA-cw98-9j8w-wxv9

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cw98-9j8w-wxv9

reference_url	https://access.redhat.com/errata/RHSA-2022:0826
reference_id	RHSA-2022:0826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0826

reference_url	https://access.redhat.com/errata/RHSA-2022:0827
reference_id	RHSA-2022:0827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0827

reference_url	https://access.redhat.com/errata/RHSA-2022:0828
reference_id	RHSA-2022:0828
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0828

reference_url	https://access.redhat.com/errata/RHSA-2022:0829
reference_id	RHSA-2022:0829
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0829

reference_url	https://access.redhat.com/errata/RHSA-2022:0830
reference_id	RHSA-2022:0830
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0830

reference_url	https://access.redhat.com/errata/RHSA-2022:0832
reference_id	RHSA-2022:0832
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0832

fixed_packages

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.15

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-eayc-8yee-3fdd

vulnerability	VCID-ezwq-a93y-3be1

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-knv1-ccs2-z3h9

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.15

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.3

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35e6-fjfc-p3h1

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-eayc-8yee-3fdd

vulnerability	VCID-ezwq-a93y-3be1

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-knv1-ccs2-z3h9

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.3

aliases CVE-2022-24464, GHSA-cw98-9j8w-wxv9

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ycx-mrvt-b7du

url VCID-as33-d56d-fqek

vulnerability_id VCID-as33-d56d-fqek

summary

Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET 6.0, ASP.NET 7.0 and, ASP.NET 8.0 . This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.

A vulnerability exists in ASP.NET applications using SignalR where a malicious client can result in a denial-of-service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21386.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21386.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21386

reference_id

reference_type

scores

value	0.02393
scoring_system	epss
scoring_elements	0.8535
published_at	2026-06-06T12:55:00Z

value	0.02393
scoring_system	epss
scoring_elements	0.85344
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21386

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2263085
reference_id	2263085
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2263085

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21386

reference_id

CVE-2024-21386

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:15:43Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21386

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-21386

reference_id

CVE-2024-21386

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-21386

reference_url

https://github.com/advisories/GHSA-g74q-5xw3-j7q9

reference_id

GHSA-g74q-5xw3-j7q9

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g74q-5xw3-j7q9

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-g74q-5xw3-j7q9

reference_id

GHSA-g74q-5xw3-j7q9

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-g74q-5xw3-j7q9

reference_url	https://access.redhat.com/errata/RHSA-2024:0805
reference_id	RHSA-2024:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0805

reference_url	https://access.redhat.com/errata/RHSA-2024:0806
reference_id	RHSA-2024:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0806

reference_url	https://access.redhat.com/errata/RHSA-2024:0807
reference_id	RHSA-2024:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0807

reference_url	https://access.redhat.com/errata/RHSA-2024:0808
reference_id	RHSA-2024:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0808

reference_url	https://access.redhat.com/errata/RHSA-2024:0814
reference_id	RHSA-2024:0814
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0814

reference_url	https://access.redhat.com/errata/RHSA-2024:0827
reference_id	RHSA-2024:0827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0827

reference_url	https://access.redhat.com/errata/RHSA-2024:0848
reference_id	RHSA-2024:0848
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0848

reference_url	https://access.redhat.com/errata/RHSA-2024:2843
reference_id	RHSA-2024:2843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2843

reference_url	https://access.redhat.com/errata/RHSA-2024:3340
reference_id	RHSA-2024:3340
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3340

reference_url	https://usn.ubuntu.com/6634-1/
reference_id	USN-6634-1
reference_type
scores
url	https://usn.ubuntu.com/6634-1/

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.27
purl	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.27
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.27

url	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@7.0.16
purl	pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@7.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@7.0.16

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@8.0.2

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@8.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g9mj-jjx1-f3h2

vulnerability	VCID-qyfs-eq91-qbbc

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@8.0.2

aliases CVE-2024-21386, GHSA-g74q-5xw3-j7q9

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-as33-d56d-fqek

url VCID-eayc-8yee-3fdd

vulnerability_id VCID-eayc-8yee-3fdd

summary This advisory has been marked as False-Positive and removed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29117

reference_id

reference_type

scores

value	0.01387
scoring_system	epss
scoring_elements	0.80671
published_at	2026-06-04T12:55:00Z

value	0.01387
scoring_system	epss
scoring_elements	0.80695
published_at	2026-06-07T12:55:00Z

value	0.01387
scoring_system	epss
scoring_elements	0.807
published_at	2026-06-06T12:55:00Z

value	0.01387
scoring_system	epss
scoring_elements	0.80698
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:34:50Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2083647
reference_id	2083647
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2083647

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-29117

reference_id

CVE-2022-29117

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-29117

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117
reference_id	CVE-2022-29117
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117

reference_url

https://github.com/advisories/GHSA-3rq8-h3gj-r5c6

reference_id

GHSA-3rq8-h3gj-r5c6

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3rq8-h3gj-r5c6

reference_url	https://access.redhat.com/errata/RHSA-2022:2194
reference_id	RHSA-2022:2194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2194

reference_url	https://access.redhat.com/errata/RHSA-2022:2195
reference_id	RHSA-2022:2195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2195

reference_url	https://access.redhat.com/errata/RHSA-2022:2196
reference_id	RHSA-2022:2196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2196

reference_url	https://access.redhat.com/errata/RHSA-2022:2199
reference_id	RHSA-2022:2199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2199

reference_url	https://access.redhat.com/errata/RHSA-2022:2200
reference_id	RHSA-2022:2200
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2200

reference_url	https://access.redhat.com/errata/RHSA-2022:2202
reference_id	RHSA-2022:2202
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2202

reference_url	https://access.redhat.com/errata/RHSA-2022:4588
reference_id	RHSA-2022:4588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4588

fixed_packages

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.17

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.17

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.5

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35e6-fjfc-p3h1

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.5

aliases CVE-2022-29117, GHSA-3rq8-h3gj-r5c6

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eayc-8yee-3fdd

url VCID-ezwq-a93y-3be1

vulnerability_id VCID-ezwq-a93y-3be1

summary dotnet: parsing HTML causes Denial of Service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29145.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29145.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29145

reference_id

reference_type

scores

value	0.04164
scoring_system	epss
scoring_elements	0.88891
published_at	2026-06-07T12:55:00Z

value	0.04164
scoring_system	epss
scoring_elements	0.88875
published_at	2026-06-04T12:55:00Z

value	0.04164
scoring_system	epss
scoring_elements	0.88892
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29145

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-fcg8-mg9g-6hc4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-fcg8-mg9g-6hc4

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T13:50:08Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-29145

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-29145

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2083649
reference_id	2083649
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2083649

reference_url

https://github.com/advisories/GHSA-fcg8-mg9g-6hc4

reference_id

GHSA-fcg8-mg9g-6hc4

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fcg8-mg9g-6hc4

reference_url	https://access.redhat.com/errata/RHSA-2022:2194
reference_id	RHSA-2022:2194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2194

reference_url	https://access.redhat.com/errata/RHSA-2022:2195
reference_id	RHSA-2022:2195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2195

reference_url	https://access.redhat.com/errata/RHSA-2022:2196
reference_id	RHSA-2022:2196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2196

reference_url	https://access.redhat.com/errata/RHSA-2022:2199
reference_id	RHSA-2022:2199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2199

reference_url	https://access.redhat.com/errata/RHSA-2022:2200
reference_id	RHSA-2022:2200
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2200

reference_url	https://access.redhat.com/errata/RHSA-2022:2202
reference_id	RHSA-2022:2202
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2202

reference_url	https://access.redhat.com/errata/RHSA-2022:4588
reference_id	RHSA-2022:4588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4588

fixed_packages

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.17

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.17

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.5

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35e6-fjfc-p3h1

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.5

aliases CVE-2022-29145, GHSA-fcg8-mg9g-6hc4

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezwq-a93y-3be1

url VCID-fye5-kup4-mkfn

vulnerability_id VCID-fye5-kup4-mkfn

summary

Denial Of Service
This advisory has been marked as a false positive.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21986.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21986.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21986

reference_id

reference_type

scores

value	0.017
scoring_system	epss
scoring_elements	0.82632
published_at	2026-06-04T12:55:00Z

value	0.017
scoring_system	epss
scoring_elements	0.82656
published_at	2026-06-07T12:55:00Z

value	0.017
scoring_system	epss
scoring_elements	0.82658
published_at	2026-06-06T12:55:00Z

value	0.017
scoring_system	epss
scoring_elements	0.82659
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21986

reference_url

https://github.com/dotnet/announcements/issues/207

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/207

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-x459-p2rx-f8ff

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-x459-p2rx-f8ff

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT/

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2051490
reference_id	2051490
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2051490

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-21986

reference_id

CVE-2022-21986

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-21986

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21986

reference_id

CVE-2022-21986

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21986

reference_url

https://github.com/advisories/GHSA-x459-p2rx-f8ff

reference_id

GHSA-x459-p2rx-f8ff

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-x459-p2rx-f8ff

reference_url	https://access.redhat.com/errata/RHSA-2022:0495
reference_id	RHSA-2022:0495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0495

reference_url	https://access.redhat.com/errata/RHSA-2022:0496
reference_id	RHSA-2022:0496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0496

reference_url	https://access.redhat.com/errata/RHSA-2022:0499
reference_id	RHSA-2022:0499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0499

reference_url	https://access.redhat.com/errata/RHSA-2022:0500
reference_id	RHSA-2022:0500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0500

fixed_packages

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.14

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4ycx-mrvt-b7du

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-eayc-8yee-3fdd

vulnerability	VCID-ezwq-a93y-3be1

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-knv1-ccs2-z3h9

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.14

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.2

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35e6-fjfc-p3h1

vulnerability	VCID-4ycx-mrvt-b7du

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-eayc-8yee-3fdd

vulnerability	VCID-ezwq-a93y-3be1

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-knv1-ccs2-z3h9

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.2

aliases CVE-2022-21986, GHSA-x459-p2rx-f8ff

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fye5-kup4-mkfn

url VCID-j3bh-ygvh-cqfn

vulnerability_id VCID-j3bh-ygvh-cqfn

summary dotnet: DenialOfService - ASP.NET Core MVC vulnerable to stack overflow via ModelStateDictionary recursion.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38013.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38013.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-38013

reference_id

reference_type

scores

value	0.01487
scoring_system	epss
scoring_elements	0.81367
published_at	2026-06-04T12:55:00Z

value	0.01487
scoring_system	epss
scoring_elements	0.81397
published_at	2026-06-06T12:55:00Z

value	0.01487
scoring_system	epss
scoring_elements	0.81395
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-38013

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-r8m2-4x37-6592

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-r8m2-4x37-6592

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:39:58Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-38013

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-38013

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2125124
reference_id	2125124
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2125124

reference_url

https://github.com/advisories/GHSA-r8m2-4x37-6592

reference_id

GHSA-r8m2-4x37-6592

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r8m2-4x37-6592

reference_url	https://access.redhat.com/errata/RHSA-2022:6520
reference_id	RHSA-2022:6520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6520

reference_url	https://access.redhat.com/errata/RHSA-2022:6521
reference_id	RHSA-2022:6521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6521

reference_url	https://access.redhat.com/errata/RHSA-2022:6522
reference_id	RHSA-2022:6522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6522

reference_url	https://access.redhat.com/errata/RHSA-2022:6523
reference_id	RHSA-2022:6523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6523

reference_url	https://access.redhat.com/errata/RHSA-2022:6539
reference_id	RHSA-2022:6539
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6539

reference_url	https://usn.ubuntu.com/5609-1/
reference_id	USN-5609-1
reference_type
scores
url	https://usn.ubuntu.com/5609-1/

fixed_packages

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.9

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.9

aliases CVE-2022-38013, GHSA-r8m2-4x37-6592

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j3bh-ygvh-cqfn

url VCID-knv1-ccs2-z3h9

vulnerability_id VCID-knv1-ccs2-z3h9

summary

Uncontrolled Resource Consumption
.NET, Visual Studio and PowerShell Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23267.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23267.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-23267

reference_id

reference_type

scores

value	0.06422
scoring_system	epss
scoring_elements	0.91223
published_at	2026-06-07T12:55:00Z

value	0.06422
scoring_system	epss
scoring_elements	0.91213
published_at	2026-06-04T12:55:00Z

value	0.06422
scoring_system	epss
scoring_elements	0.91226
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-23267

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dotnet/announcements/issues/221

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/221

reference_url

https://github.com/dotnet/runtime/security/advisories/GHSA-485p-mrj5-8w2v

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/runtime/security/advisories/GHSA-485p-mrj5-8w2v

reference_url	https://github.com/PowerShell/Announcements/issues/32
reference_id
reference_type
scores
url	https://github.com/PowerShell/Announcements/issues/32

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:36:15Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2083650
reference_id	2083650
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2083650

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-23267

reference_id

CVE-2022-23267

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-23267

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267
reference_id	CVE-2022-23267
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267

reference_url

https://github.com/advisories/GHSA-485p-mrj5-8w2v

reference_id

GHSA-485p-mrj5-8w2v

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-485p-mrj5-8w2v

reference_url	https://access.redhat.com/errata/RHSA-2022:2194
reference_id	RHSA-2022:2194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2194

reference_url	https://access.redhat.com/errata/RHSA-2022:2195
reference_id	RHSA-2022:2195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2195

reference_url	https://access.redhat.com/errata/RHSA-2022:2196
reference_id	RHSA-2022:2196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2196

reference_url	https://access.redhat.com/errata/RHSA-2022:2199
reference_id	RHSA-2022:2199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2199

reference_url	https://access.redhat.com/errata/RHSA-2022:2200
reference_id	RHSA-2022:2200
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2200

reference_url	https://access.redhat.com/errata/RHSA-2022:2202
reference_id	RHSA-2022:2202
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2202

reference_url	https://access.redhat.com/errata/RHSA-2022:4588
reference_id	RHSA-2022:4588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4588

fixed_packages

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.17

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.17

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.5

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35e6-fjfc-p3h1

vulnerability	VCID-as33-d56d-fqek

vulnerability	VCID-j3bh-ygvh-cqfn

vulnerability	VCID-va1v-dc3f-pbfp

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.5

aliases CVE-2022-23267, GHSA-485p-mrj5-8w2v

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-knv1-ccs2-z3h9

url VCID-va1v-dc3f-pbfp

vulnerability_id VCID-va1v-dc3f-pbfp

summary

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
ASP.NET and Visual Studio Security Feature Bypass Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33170.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33170.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-33170

reference_id

reference_type

scores

value	0.0024
scoring_system	epss
scoring_elements	0.475
published_at	2026-06-05T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47485
published_at	2026-06-07T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47503
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-33170

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url

https://github.com/dotnet/aspnetcore/issues/49334

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/issues/49334

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2221854
reference_id	2221854
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2221854

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170

reference_id

CVE-2023-33170

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-03T16:24:03Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-33170

reference_id

CVE-2023-33170

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-33170

reference_url

https://github.com/advisories/GHSA-25c8-p796-jg6r

reference_id

GHSA-25c8-p796-jg6r

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-25c8-p796-jg6r

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-25c8-p796-jg6r

reference_id

GHSA-25c8-p796-jg6r

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-25c8-p796-jg6r

reference_url	https://access.redhat.com/errata/RHSA-2023:4057
reference_id	RHSA-2023:4057
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4057

reference_url	https://access.redhat.com/errata/RHSA-2023:4058
reference_id	RHSA-2023:4058
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4058

reference_url	https://access.redhat.com/errata/RHSA-2023:4059
reference_id	RHSA-2023:4059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4059

reference_url	https://access.redhat.com/errata/RHSA-2023:4060
reference_id	RHSA-2023:4060
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4060

reference_url	https://access.redhat.com/errata/RHSA-2023:4061
reference_id	RHSA-2023:4061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4061

reference_url	https://access.redhat.com/errata/RHSA-2023:4448
reference_id	RHSA-2023:4448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4448

reference_url	https://access.redhat.com/errata/RHSA-2023:4449
reference_id	RHSA-2023:4449
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4449

reference_url	https://usn.ubuntu.com/6217-1/
reference_id	USN-6217-1
reference_type
scores
url	https://usn.ubuntu.com/6217-1/

fixed_packages

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.20

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-as33-d56d-fqek

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@6.0.20

url pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@7.0.9

purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@7.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-as33-d56d-fqek

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@7.0.9

aliases CVE-2023-33170, GHSA-25c8-p796-jg6r

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-va1v-dc3f-pbfp

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm@5.0.11

Package Instance