{"url":"http://public2.vulnerablecode.io/api/packages/143702?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.0","type":"nuget","namespace":"","name":"Microsoft.AspNetCore.App.Runtime.linux-arm64","version":"5.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12730?format=json","vulnerability_id":"VCID-5n75-cxug-2uaj","summary":"Denial Of Service\nThis advisory has been marked as a false positive.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21986.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21986.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21986","reference_id":"","reference_type":"","scores":[{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82548","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82322","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82317","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82344","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82351","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82364","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82358","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82392","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82393","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82396","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82418","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82429","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82433","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82452","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82473","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82494","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82492","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82508","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82304","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21986"},{"reference_url":"https://github.com/dotnet/announcements/issues/207","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/207"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-x459-p2rx-f8ff","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-x459-p2rx-f8ff"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051490","reference_id":"2051490","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051490"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-21986","reference_id":"CVE-2022-21986","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-21986"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21986","reference_id":"CVE-2022-21986","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21986"},{"reference_url":"https://github.com/advisories/GHSA-x459-p2rx-f8ff","reference_id":"GHSA-x459-p2rx-f8ff","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x459-p2rx-f8ff"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0495","reference_id":"RHSA-2022:0495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0496","reference_id":"RHSA-2022:0496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0499","reference_id":"RHSA-2022:0499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0500","reference_id":"RHSA-2022:0500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0500"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79389?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/79396?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.2"}],"aliases":["CVE-2022-21986","GHSA-x459-p2rx-f8ff"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5n75-cxug-2uaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53227?format=json","vulnerability_id":"VCID-7j9q-dfj7-jbgt","summary":".NET Denial of Service Vulnerability\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 5.0 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.\n\nA vulnerability exists in .NET 6.0, .NET 5.0 and .NET core 3.1 where a malicious client can can cause a denial of service when HTML forms are parsed.\n\n### Affected software\n\n* Any .NET 6.0 application running on .NET 6.0.4 or earlier.\n* Any .NET 5.0 application running .NET 5.0.16 or earlier.\n* Any .NET Core 3.1 application running on .NET Core 3.1.24 or earlier.\n\n#### Affected packages\n\n**.NET Core 3.1**\n\n| Package name                                  | Affected version | Patched version |\n|---------------------------------------------------|---------------------|---------------|\n| Microsoft.AspNetCore.App.Runtime.win-x64          | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.linux-x64        | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.win-x86          | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.osx-x64          | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.linux-musl-x64   | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.linux-arm64      | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.linux-arm        | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.win-arm64        | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.win-arm          | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 | >=3.0.0,3.1.24      | 3.1.25        |\n| Microsoft.AspNetCore.App.Runtime.linux-musl-arm   | >=3.0.0,3.1.24      | 3.1.25        |\n\n**.NET 5.0**\n\n| Package name                                  | Affected version | Patched version |\n|---------------------------------------------------|---------------------|---------------|\n| Microsoft.AspNetCore.App.Runtime.win-x64          | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.linux-x64        | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.win-x86          | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.osx-x64          | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.linux-musl-x64   | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.linux-arm64      | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.linux-arm        | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.win-arm64        | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.win-arm          | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 | >=5.0.0,5.0.16      | 5.0.17        |\n| Microsoft.AspNetCore.App.Runtime.linux-musl-arm   | >=5.0.0,5.0.16      | 5.0.17        |\n\n**.NET 6.0**\n\n| Package name                                  | Affected version | Patched version |\n|---------------------------------------------------|---------------------|---------------|\n| Microsoft.AspNetCore.App.Runtime.win-x64          | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.linux-x64        | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.win-x86          | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.osx-x64          | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.linux-musl-x64   | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.linux-arm64      | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.linux-arm        | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.win-arm64        | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.win-arm          | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.osx-arm64        | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 | >=6.0.0,6.0.4       | 6.0.5         |\n| Microsoft.AspNetCore.App.Runtime.linux-musl-arm   | >=6.0.0,6.0.4       | 6.0.5         |\n\n\n### Patches\n* If you're using .NET Core 6.0, you should download and install Runtime 6.0.5 or SDK 6.0.105 (for Visual Studio 2022 v17.0) or SDK 6.0.203 (for Visual Studio 2022 v17.1) from https://dotnet.microsoft.com/download/dotnet-core/6.0.\n\n* If you're using .NET 5.0, you should download and install Runtime 5.0.17 or SDK 5.0.214 (for Visual Studio 2019 v16.9) or SDK 5.0.408 (for Visual Studio 2011 v16.11) from https://dotnet.microsoft.com/download/dotnet-core/5.0.\n\n* If you're using .NET Core 3.1, you should download and install Runtime 3.1.25 or SDK 3.1.419 (for Visual Studio 2019 v16.9 or Visual Studio 2011 16.11 or Visual Studio 2022 17.0 or Visual Studio 2022 17.1 ) from https://dotnet.microsoft.com/download/dotnet-core/3.1.\n\n.NET 6.0, .NET 5.0 and .NET Core 3.1 updates are also available from Microsoft Update. To access this either type \"Check for updates\" in your Windows search, or open Settings, choose Update & Security and then click Check for Updates.\n\n### Other\n\nAnnouncement for this issue can be found at https://github.com/dotnet/announcements/issues/222\nAn Issue for this can be found at https://github.com/dotnet/aspnetcore/issues/41609\nMSRC details for this can be found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29145.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29145","reference_id":"","reference_type":"","scores":[{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90965","published_at":"2026-05-14T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90955","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90946","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90949","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90936","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90919","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90905","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90906","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90894","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90893","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90896","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90871","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90873","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90864","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90858","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90847","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90836","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06204","scoring_system":"epss","scoring_elements":"0.90826","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29145"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-fcg8-mg9g-6hc4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-fcg8-mg9g-6hc4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29145","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29145"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083649","reference_id":"2083649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083649"},{"reference_url":"https://github.com/advisories/GHSA-fcg8-mg9g-6hc4","reference_id":"GHSA-fcg8-mg9g-6hc4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fcg8-mg9g-6hc4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2194","reference_id":"RHSA-2022:2194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2195","reference_id":"RHSA-2022:2195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2196","reference_id":"RHSA-2022:2196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2199","reference_id":"RHSA-2022:2199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2200","reference_id":"RHSA-2022:2200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2202","reference_id":"RHSA-2022:2202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4588","reference_id":"RHSA-2022:4588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79589?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/79596?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.5"}],"aliases":["CVE-2022-29145","GHSA-fcg8-mg9g-6hc4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7j9q-dfj7-jbgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13213?format=json","vulnerability_id":"VCID-ew2m-qrrh-dkbf","summary":"This advisory has been marked as False-Positive and removed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24464.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24464","reference_id":"","reference_type":"","scores":[{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85141","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.84922","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.8494","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.84944","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.84967","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.84974","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.8499","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.84988","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.84984","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85005","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85006","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85003","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85029","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85037","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85035","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85052","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85076","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85096","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85092","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02377","scoring_system":"epss","scoring_elements":"0.85108","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24464"},{"reference_url":"https://github.com/dotnet/announcements/issues/212","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/212"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-cw98-9j8w-wxv9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-cw98-9j8w-wxv9"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2061847","reference_id":"2061847","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2061847"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24464","reference_id":"CVE-2022-24464","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24464"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464","reference_id":"CVE-2022-24464","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464"},{"reference_url":"https://github.com/advisories/GHSA-cw98-9j8w-wxv9","reference_id":"GHSA-cw98-9j8w-wxv9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cw98-9j8w-wxv9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0826","reference_id":"RHSA-2022:0826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0827","reference_id":"RHSA-2022:0827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0828","reference_id":"RHSA-2022:0828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0829","reference_id":"RHSA-2022:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0830","reference_id":"RHSA-2022:0830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0832","reference_id":"RHSA-2022:0832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0832"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79635?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/79642?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.3"}],"aliases":["CVE-2022-24464","GHSA-cw98-9j8w-wxv9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ew2m-qrrh-dkbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14378?format=json","vulnerability_id":"VCID-m6bh-57h2-73a3","summary":"This advisory has been marked as False-Positive and removed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29117","reference_id":"","reference_type":"","scores":[{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84549","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84517","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.845","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84501","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84485","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84459","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84439","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84435","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84426","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.844","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84397","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84375","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84318","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84386","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84368","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84363","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84341","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84339","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02187","scoring_system":"epss","scoring_elements":"0.84379","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29117"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083647","reference_id":"2083647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083647"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29117","reference_id":"CVE-2022-29117","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29117"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117","reference_id":"CVE-2022-29117","reference_type":"","scores":[],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117"},{"reference_url":"https://github.com/advisories/GHSA-3rq8-h3gj-r5c6","reference_id":"GHSA-3rq8-h3gj-r5c6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3rq8-h3gj-r5c6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2194","reference_id":"RHSA-2022:2194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2195","reference_id":"RHSA-2022:2195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2196","reference_id":"RHSA-2022:2196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2199","reference_id":"RHSA-2022:2199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2200","reference_id":"RHSA-2022:2200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2202","reference_id":"RHSA-2022:2202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4588","reference_id":"RHSA-2022:4588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79589?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/79596?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.5"}],"aliases":["CVE-2022-29117","GHSA-3rq8-h3gj-r5c6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6bh-57h2-73a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58999?format=json","vulnerability_id":"VCID-nx74-pj4e-4fde","summary":"ASP.NET Core and Visual Studio Denial of Service Vulnerability\nA denial-of-service vulnerability exists in the way Kestrel parses HTTP/2 requests. The security update addresses the vulnerability by fixing the way the Kestrel parses HTTP/2 requests. Users are advised to upgrade.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-1723.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-1723.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1723","reference_id":"","reference_type":"","scores":[{"value":"0.0405","scoring_system":"epss","scoring_elements":"0.88625","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.8921","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89217","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.8923","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89229","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89225","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89242","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89248","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89251","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.8926","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89277","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89288","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89286","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89296","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89169","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89175","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89189","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.89224","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04579","scoring_system":"epss","scoring_elements":"0.8922","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1723"},{"reference_url":"https://github.com/dotnet/announcements/issues/170","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/170"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L27CGRVEWUPELNJOGTCW6GLEDBECB4B","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L27CGRVEWUPELNJOGTCW6GLEDBECB4B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRXHERXW4KR5WCP76UDW5PC7GX3YQLUW","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRXHERXW4KR5WCP76UDW5PC7GX3YQLUW"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-1723","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-1723"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1914258","reference_id":"1914258","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1914258"},{"reference_url":"https://security.archlinux.org/ASA-202103-16","reference_id":"ASA-202103-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202103-16"},{"reference_url":"https://security.archlinux.org/ASA-202103-17","reference_id":"ASA-202103-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202103-17"},{"reference_url":"https://security.archlinux.org/AVG-1449","reference_id":"AVG-1449","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1449"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1723","reference_id":"CVE-2021-1723","reference_type":"","scores":[],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1723"},{"reference_url":"https://github.com/advisories/GHSA-242j-2gm6-5rwx","reference_id":"GHSA-242j-2gm6-5rwx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-242j-2gm6-5rwx"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0094","reference_id":"RHSA-2021:0094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0095","reference_id":"RHSA-2021:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0096","reference_id":"RHSA-2021:0096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0114","reference_id":"RHSA-2021:0114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0114"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84403?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.2"}],"aliases":["CVE-2021-1723","GHSA-242j-2gm6-5rwx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nx74-pj4e-4fde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52224?format=json","vulnerability_id":"VCID-r5g1-zwbg-xubc","summary":".NET Denial of Service Vulnerability\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.\n\nA denial of service vulnerability exists in ASP.NET Core 3.1 and .NET 6.0 where a malicious client could cause a stack overflow which may result in a denial of service attack when an attacker sends a customized payload that is parsed during model binding.\n\n## <a name=\"affected-software\"></a>Affected software\n* Any .NET 6.0 application running on .NET 6.0.8 or earlier.\n* Any ASP.NET Core 3.1 application running on .NET Core 3.1.28 or earlier.\nIf your application uses the following package versions, ensure you update to the latest version of .NET.\n### <a name=\"ASP.NET Core 3.1\"></a>.NET Core 3.1\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[Microsoft.AspNetCore.App.Runtime.linux-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm)|>= 3.1.0, < 3.1.29|3.1.29\n[Microsoft.AspNetCore.App.Runtime.linux-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm64)|>= 3.1.0, < 3.1.29|3.1.29\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64)|>= 3.1.0, < 3.1.29|3.1.29\n[Microsoft.AspNetCore.App.Runtime.linux-musl-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-x64)|>= 3.1.0, < 3.1.29|3.1.29\n[Microsoft.AspNetCore.App.Runtime.linux-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-x64)|>= 3.1.0, < 3.1.29|3.1.29\n[Microsoft.AspNetCore.App.Runtime.osx-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-x64)|>= 3.1.0, < 3.1.29|3.1.29\n[Microsoft.AspNetCore.App.Runtime.win-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm)|>= 3.1.0, < 3.1.29|3.1.29\n[Microsoft.AspNetCore.App.Runtime.win-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm64)|>= 3.1.5, < 3.1.29|3.1.29\n[Microsoft.AspNetCore.App.Runtime.win-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x64)|>= 3.1.0, < 3.1.29|3.1.29\n[Microsoft.AspNetCore.App.Runtime.win-x86](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x86)|>= 3.1.0, < 3.1.29|3.1.29\n### <a name=\".NET 6\"></a>.NET 6\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[Microsoft.AspNetCore.App.Runtime.linux-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm)|>= 5.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.linux-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm64)|>= 5.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm)|>= 5.0.1, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64)|>= 5.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.linux-musl-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-x64)|>= 5.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.linux-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-x64)|>= 5.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.osx-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-arm64)|>= 6.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.osx-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-x64)|>= 5.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.win-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm)|>= 5.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.win-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm64)|>= 5.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.win-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x64)|>= 5.0.0, < 6.0.9|6.0.9\n[Microsoft.AspNetCore.App.Runtime.win-x86](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x86)|>= 5.0.0, < 6.0.9|6.0.9\n\n\n\n### Other\n\nAnnouncement for this issue can be found at https://github.com/dotnet/announcements/issues/234\nAn Issue for this can be found at https://github.com/dotnet/aspnetcore/issues/43953\nMSRC details for this can be found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38013.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38013.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38013","reference_id":"","reference_type":"","scores":[{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78325","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78299","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78293","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78267","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78254","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78487","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78448","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78432","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78436","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.7842","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78395","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78382","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78366","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78327","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.7833","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78332","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78303","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78307","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38013"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-r8m2-4x37-6592","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-r8m2-4x37-6592"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38013","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38013"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2125124","reference_id":"2125124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2125124"},{"reference_url":"https://github.com/advisories/GHSA-r8m2-4x37-6592","reference_id":"GHSA-r8m2-4x37-6592","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r8m2-4x37-6592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6520","reference_id":"RHSA-2022:6520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6521","reference_id":"RHSA-2022:6521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6522","reference_id":"RHSA-2022:6522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6523","reference_id":"RHSA-2022:6523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6539","reference_id":"RHSA-2022:6539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6539"},{"reference_url":"https://usn.ubuntu.com/5609-1/","reference_id":"USN-5609-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5609-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/80061?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.9"}],"aliases":["CVE-2022-38013","GHSA-r8m2-4x37-6592"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5g1-zwbg-xubc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14377?format=json","vulnerability_id":"VCID-ujyg-uwtg-vqbt","summary":"Uncontrolled Resource Consumption\n.NET, Visual Studio and PowerShell Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23267.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23267.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23267","reference_id":"","reference_type":"","scores":[{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92275","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92176","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92182","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92186","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.922","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92206","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92203","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92214","published_at":"2026-04-16T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92213","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92216","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92219","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92227","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92237","published_at":"2026-05-07T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92245","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92249","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08193","scoring_system":"epss","scoring_elements":"0.92256","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23267"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dotnet/announcements/issues/221","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/221"},{"reference_url":"https://github.com/dotnet/runtime/security/advisories/GHSA-485p-mrj5-8w2v","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/runtime/security/advisories/GHSA-485p-mrj5-8w2v"},{"reference_url":"https://github.com/PowerShell/Announcements/issues/32","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/PowerShell/Announcements/issues/32"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083650","reference_id":"2083650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083650"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23267","reference_id":"CVE-2022-23267","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23267"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267","reference_id":"CVE-2022-23267","reference_type":"","scores":[],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267"},{"reference_url":"https://github.com/advisories/GHSA-485p-mrj5-8w2v","reference_id":"GHSA-485p-mrj5-8w2v","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-485p-mrj5-8w2v"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2194","reference_id":"RHSA-2022:2194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2195","reference_id":"RHSA-2022:2195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2196","reference_id":"RHSA-2022:2196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2199","reference_id":"RHSA-2022:2199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2200","reference_id":"RHSA-2022:2200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2202","reference_id":"RHSA-2022:2202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4588","reference_id":"RHSA-2022:4588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79589?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/79596?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@6.0.5"}],"aliases":["CVE-2022-23267","GHSA-485p-mrj5-8w2v"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ujyg-uwtg-vqbt"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64@5.0.0"}