Lookup for vulnerabilities affecting packages.
| Vulnerability_id | VCID-qqh6-yhjn-27g7 |
|---|
| Summary | Duplicate Advisory: Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability
### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-w3q9-fxm7-j8fq. This link is maintained to preserve external references.
### Original Description
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally. |
|---|
| Aliases |
| 0 |
| alias |
GHSA-q8g5-rw97-f55h |
|
|
|---|
| Fixed_packages |
|
|---|
| Affected_packages |
|
|---|
| References |
|
|---|
| Weaknesses |
| 0 |
| cwe_id |
59 |
| name |
Improper Link Resolution Before File Access ('Link Following') |
| description |
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
|
| 1 |
| cwe_id |
937 |
| name |
OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities |
| description |
Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013. |
|
| 2 |
| cwe_id |
1035 |
| name |
OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities |
| description |
Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017. |
|
|
|---|
| Exploits |
|
|---|
| Severity_range_score | 7.0 - 8.9 |
|---|
| Exploitability | 0.5 |
|---|
| Weighted_severity | 8.0 |
|---|
| Risk_score | 4.0 |
|---|
| Resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-qqh6-yhjn-27g7 |
|---|