{"url":"http://public2.vulnerablecode.io/api/packages/604259?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.21","type":"nuget","namespace":"","name":"Microsoft.AspNetCore.App.Runtime.win-arm","version":"3.1.21","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"7.0.19","latest_non_vulnerable_version":"7.0.19","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46938?format=json","vulnerability_id":"VCID-35e6-fjfc-p3h1","summary":".NET Information Disclosure Vulnerability\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.\n\nAn information disclosure vulnerability exists in .NET Core 3.1 and .NET 6.0 that could lead to unauthorized access of privileged information.\n\n## <a name=\"affected-software\"></a>Affected software\n\n* Any .NET 6.0 application running on .NET 6.0.7 or earlier.\n* Any .NET Core 3.1 applicaiton running on .NET Core 3.1.27 or earlier.\n\nIf your application uses the following package versions, ensure you update to the latest version of .NET.\n\n### <a name=\".NET Core 3.1\"></a>.NET Core 3.1\n\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[System.Security.Cryptography.Xml](http://system.security)| <=4.7.0| 4.7.1\n[Microsoft.AspNetCore.App.Runtime.win-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-x64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.win-x86](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x86)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.osx-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-x64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-musl-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-x64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.win-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.win-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm)| >=3.1.0, 3.1.27| 3.1.28\n\n### <a name=\".NET 6\"></a>.NET 6\n\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[System.Security.Cryptography.Xml](https://www.nuget.org/packages/System.Security.Cryptography.Xml)| >=5.0.0, 6.0.0| 6.0.1\n[Microsoft.AspNetCore.App.Runtime.win-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-x64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.win-x86](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x86)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.osx-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-x64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-musl-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-x64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.win-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.win-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.osx-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-arm64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm)| >=6.0.0, 6.0.7| 6.0.8\n\n## Patches\n\n\n* If you're using .NET 6.0, you should download and install Runtime 6.0.8 or SDK 6.0.108 (for Visual Studio 2022 v17.1) from https://dotnet.microsoft.com/download/dotnet-core/6.0.\n* If you're using .NET Core 3.1, you should download and install Runtime 3.1.28 (for Visual Studio 2019 v16.9) from https://dotnet.microsoft.com/download/dotnet-core/3.1.\n\n\n### Other\n\nAnnouncement for this issue can be found at https://github.com/dotnet/announcements/issues/232\nAn Issue for this can be found at https://github.com/dotnet/aspnetcore/issues/43166\nMSRC details for this can be found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34716.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34716.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.73739","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.73756","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.7377","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.73729","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.73765","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34716"},{"reference_url":"https://github.com/dotnet/announcements/issues/232","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/232"},{"reference_url":"https://github.com/dotnet/aspnetcore/issues/43166","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/issues/43166"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T20:04:18Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34716"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34716"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115183","reference_id":"2115183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115183"},{"reference_url":"https://github.com/advisories/GHSA-vh55-786g-wjwj","reference_id":"GHSA-vh55-786g-wjwj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vh55-786g-wjwj"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-vh55-786g-wjwj","reference_id":"GHSA-vh55-786g-wjwj","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-vh55-786g-wjwj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6037","reference_id":"RHSA-2022:6037","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6038","reference_id":"RHSA-2022:6038","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6043","reference_id":"RHSA-2022:6043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6057","reference_id":"RHSA-2022:6057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6058","reference_id":"RHSA-2022:6058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6058"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68753?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.28"},{"url":"http://public2.vulnerablecode.io/api/packages/68754?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.8"}],"aliases":["CVE-2022-34716","GHSA-vh55-786g-wjwj","GMS-2024-75","GMS-2024-76","GMS-2024-77","GMS-2024-78","GMS-2024-79","GMS-2024-80","GMS-2024-81","GMS-2024-82","GMS-2024-83","GMS-2024-84","GMS-2024-85","GMS-2024-86","GMS-2024-90"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35e6-fjfc-p3h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42607?format=json","vulnerability_id":"VCID-4ycx-mrvt-b7du","summary":"This advisory has been marked as False-Positive and removed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24464.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24464","reference_id":"","reference_type":"","scores":[{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70958","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70941","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70983","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.7099","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70973","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24464"},{"reference_url":"https://github.com/dotnet/announcements/issues/212","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/212"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-cw98-9j8w-wxv9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-cw98-9j8w-wxv9"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:00:22Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2061847","reference_id":"2061847","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2061847"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24464","reference_id":"CVE-2022-24464","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24464"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464","reference_id":"CVE-2022-24464","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464"},{"reference_url":"https://github.com/advisories/GHSA-cw98-9j8w-wxv9","reference_id":"GHSA-cw98-9j8w-wxv9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cw98-9j8w-wxv9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0826","reference_id":"RHSA-2022:0826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0827","reference_id":"RHSA-2022:0827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0828","reference_id":"RHSA-2022:0828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0829","reference_id":"RHSA-2022:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0830","reference_id":"RHSA-2022:0830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0832","reference_id":"RHSA-2022:0832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0832"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144874?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-35e6-fjfc-p3h1"},{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-eayc-8yee-3fdd"},{"vulnerability":"VCID-ezwq-a93y-3be1"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-knv1-ccs2-z3h9"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.23"},{"url":"http://public2.vulnerablecode.io/api/packages/144886?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@5.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-eayc-8yee-3fdd"},{"vulnerability":"VCID-ezwq-a93y-3be1"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-knv1-ccs2-z3h9"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@5.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/144897?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-35e6-fjfc-p3h1"},{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-eayc-8yee-3fdd"},{"vulnerability":"VCID-ezwq-a93y-3be1"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-knv1-ccs2-z3h9"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.3"}],"aliases":["CVE-2022-24464","GHSA-cw98-9j8w-wxv9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ycx-mrvt-b7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47005?format=json","vulnerability_id":"VCID-as33-d56d-fqek","summary":"Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability\nMicrosoft is releasing this security advisory to provide information about a vulnerability in ASP.NET 6.0, ASP.NET 7.0 and, ASP.NET 8.0 . This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.\n\nA vulnerability exists in ASP.NET applications using SignalR where a malicious client can result in a denial-of-service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21386.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21386","reference_id":"","reference_type":"","scores":[{"value":"0.02393","scoring_system":"epss","scoring_elements":"0.85329","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02393","scoring_system":"epss","scoring_elements":"0.85344","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02393","scoring_system":"epss","scoring_elements":"0.8535","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21386"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263085","reference_id":"2263085","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263085"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21386","reference_id":"CVE-2024-21386","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:15:43Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21386"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21386","reference_id":"CVE-2024-21386","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21386"},{"reference_url":"https://github.com/advisories/GHSA-g74q-5xw3-j7q9","reference_id":"GHSA-g74q-5xw3-j7q9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g74q-5xw3-j7q9"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-g74q-5xw3-j7q9","reference_id":"GHSA-g74q-5xw3-j7q9","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-g74q-5xw3-j7q9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0805","reference_id":"RHSA-2024:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0806","reference_id":"RHSA-2024:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0807","reference_id":"RHSA-2024:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0808","reference_id":"RHSA-2024:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0814","reference_id":"RHSA-2024:0814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0827","reference_id":"RHSA-2024:0827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0848","reference_id":"RHSA-2024:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2843","reference_id":"RHSA-2024:2843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3340","reference_id":"RHSA-2024:3340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3340"},{"reference_url":"https://usn.ubuntu.com/6634-1/","reference_id":"USN-6634-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6634-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68882?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g1fd-q1xg-wbcv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.27"},{"url":"http://public2.vulnerablecode.io/api/packages/68883?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@7.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g1fd-q1xg-wbcv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@7.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/68884?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@8.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@8.0.2"}],"aliases":["CVE-2024-21386","GHSA-g74q-5xw3-j7q9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-as33-d56d-fqek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43306?format=json","vulnerability_id":"VCID-eayc-8yee-3fdd","summary":"This advisory has been marked as False-Positive and removed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29117","reference_id":"","reference_type":"","scores":[{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.80671","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.80695","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.807","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.80698","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.80692","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29117"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:34:50Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083647","reference_id":"2083647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083647"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29117","reference_id":"CVE-2022-29117","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29117"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117","reference_id":"CVE-2022-29117","reference_type":"","scores":[],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117"},{"reference_url":"https://github.com/advisories/GHSA-3rq8-h3gj-r5c6","reference_id":"GHSA-3rq8-h3gj-r5c6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3rq8-h3gj-r5c6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2194","reference_id":"RHSA-2022:2194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2195","reference_id":"RHSA-2022:2195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2196","reference_id":"RHSA-2022:2196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2199","reference_id":"RHSA-2022:2199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2200","reference_id":"RHSA-2022:2200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2202","reference_id":"RHSA-2022:2202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4588","reference_id":"RHSA-2022:4588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144743?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-35e6-fjfc-p3h1"},{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.25"},{"url":"http://public2.vulnerablecode.io/api/packages/144761?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@5.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@5.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/144780?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-35e6-fjfc-p3h1"},{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.5"}],"aliases":["CVE-2022-29117","GHSA-3rq8-h3gj-r5c6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eayc-8yee-3fdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102666?format=json","vulnerability_id":"VCID-ezwq-a93y-3be1","summary":"dotnet: parsing HTML causes Denial of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29145.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29145","reference_id":"","reference_type":"","scores":[{"value":"0.04164","scoring_system":"epss","scoring_elements":"0.88891","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04164","scoring_system":"epss","scoring_elements":"0.88875","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04164","scoring_system":"epss","scoring_elements":"0.88892","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29145"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-fcg8-mg9g-6hc4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-fcg8-mg9g-6hc4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T13:50:08Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29145","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29145"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083649","reference_id":"2083649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083649"},{"reference_url":"https://github.com/advisories/GHSA-fcg8-mg9g-6hc4","reference_id":"GHSA-fcg8-mg9g-6hc4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fcg8-mg9g-6hc4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2194","reference_id":"RHSA-2022:2194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2195","reference_id":"RHSA-2022:2195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2196","reference_id":"RHSA-2022:2196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2199","reference_id":"RHSA-2022:2199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2200","reference_id":"RHSA-2022:2200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2202","reference_id":"RHSA-2022:2202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4588","reference_id":"RHSA-2022:4588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144743?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-35e6-fjfc-p3h1"},{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.25"},{"url":"http://public2.vulnerablecode.io/api/packages/144761?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@5.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@5.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/144780?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-35e6-fjfc-p3h1"},{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.5"}],"aliases":["CVE-2022-29145","GHSA-fcg8-mg9g-6hc4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezwq-a93y-3be1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54792?format=json","vulnerability_id":"VCID-g1fd-q1xg-wbcv","summary":"Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.\n\nA Vulnerability exist in Microsoft.AspNetCore.Server.Kestrel.Core.dll where a dead-lock can occur resulting in Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30046.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30046.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-30046","reference_id":"","reference_type":"","scores":[{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.3869","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38718","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38746","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38742","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-30046"},{"reference_url":"https://github.com/dotnet/announcements/issues/308","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/308"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://github.com/dotnet/aspnetcore/issues/55714","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/issues/55714"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2279697","reference_id":"2279697","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2279697"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30046","reference_id":"CVE-2024-30046","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T16:43:57Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30046"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-30046","reference_id":"CVE-2024-30046","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-30046"},{"reference_url":"https://github.com/advisories/GHSA-hhc7-x9w4-cw47","reference_id":"GHSA-hhc7-x9w4-cw47","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hhc7-x9w4-cw47"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-hhc7-x9w4-cw47","reference_id":"GHSA-hhc7-x9w4-cw47","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-hhc7-x9w4-cw47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2842","reference_id":"RHSA-2024:2842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2843","reference_id":"RHSA-2024:2843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3340","reference_id":"RHSA-2024:3340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3345","reference_id":"RHSA-2024:3345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3345"},{"reference_url":"https://usn.ubuntu.com/6773-1/","reference_id":"USN-6773-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6773-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81329?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@7.0.19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@7.0.19"},{"url":"http://public2.vulnerablecode.io/api/packages/81330?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@8.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@8.0.5"}],"aliases":["CVE-2024-30046","GHSA-hhc7-x9w4-cw47"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g1fd-q1xg-wbcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101667?format=json","vulnerability_id":"VCID-j3bh-ygvh-cqfn","summary":"dotnet: DenialOfService - ASP.NET Core MVC vulnerable to stack overflow via ModelStateDictionary recursion.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38013.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38013.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38013","reference_id":"","reference_type":"","scores":[{"value":"0.01487","scoring_system":"epss","scoring_elements":"0.8139","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01487","scoring_system":"epss","scoring_elements":"0.81397","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01487","scoring_system":"epss","scoring_elements":"0.81395","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01487","scoring_system":"epss","scoring_elements":"0.81367","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38013"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-r8m2-4x37-6592","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-r8m2-4x37-6592"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:39:58Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38013","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38013"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2125124","reference_id":"2125124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2125124"},{"reference_url":"https://github.com/advisories/GHSA-r8m2-4x37-6592","reference_id":"GHSA-r8m2-4x37-6592","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r8m2-4x37-6592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6520","reference_id":"RHSA-2022:6520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6521","reference_id":"RHSA-2022:6521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6522","reference_id":"RHSA-2022:6522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6523","reference_id":"RHSA-2022:6523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6539","reference_id":"RHSA-2022:6539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6539"},{"reference_url":"https://usn.ubuntu.com/5609-1/","reference_id":"USN-5609-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5609-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/145746?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.29"},{"url":"http://public2.vulnerablecode.io/api/packages/145768?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.9"}],"aliases":["CVE-2022-38013","GHSA-r8m2-4x37-6592"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j3bh-ygvh-cqfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43305?format=json","vulnerability_id":"VCID-knv1-ccs2-z3h9","summary":"Uncontrolled Resource Consumption\n.NET, Visual Studio and PowerShell Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23267.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23267.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23267","reference_id":"","reference_type":"","scores":[{"value":"0.06422","scoring_system":"epss","scoring_elements":"0.91219","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06422","scoring_system":"epss","scoring_elements":"0.91213","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06422","scoring_system":"epss","scoring_elements":"0.91226","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06422","scoring_system":"epss","scoring_elements":"0.91223","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23267"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dotnet/announcements/issues/221","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/221"},{"reference_url":"https://github.com/dotnet/runtime/security/advisories/GHSA-485p-mrj5-8w2v","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/runtime/security/advisories/GHSA-485p-mrj5-8w2v"},{"reference_url":"https://github.com/PowerShell/Announcements/issues/32","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/PowerShell/Announcements/issues/32"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:36:15Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083650","reference_id":"2083650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083650"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23267","reference_id":"CVE-2022-23267","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23267"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267","reference_id":"CVE-2022-23267","reference_type":"","scores":[],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267"},{"reference_url":"https://github.com/advisories/GHSA-485p-mrj5-8w2v","reference_id":"GHSA-485p-mrj5-8w2v","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-485p-mrj5-8w2v"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2194","reference_id":"RHSA-2022:2194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2195","reference_id":"RHSA-2022:2195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2196","reference_id":"RHSA-2022:2196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2199","reference_id":"RHSA-2022:2199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2200","reference_id":"RHSA-2022:2200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2202","reference_id":"RHSA-2022:2202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4588","reference_id":"RHSA-2022:4588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144743?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-35e6-fjfc-p3h1"},{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.25"},{"url":"http://public2.vulnerablecode.io/api/packages/144761?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@5.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@5.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/144780?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-35e6-fjfc-p3h1"},{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"},{"vulnerability":"VCID-j3bh-ygvh-cqfn"},{"vulnerability":"VCID-va1v-dc3f-pbfp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.5"}],"aliases":["CVE-2022-23267","GHSA-485p-mrj5-8w2v"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-knv1-ccs2-z3h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45605?format=json","vulnerability_id":"VCID-va1v-dc3f-pbfp","summary":"Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')\nASP.NET and Visual Studio Security Feature Bypass Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33170.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-33170.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33170","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47455","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47485","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47503","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.475","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33170"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://github.com/dotnet/aspnetcore/issues/49334","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/issues/49334"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221854","reference_id":"2221854","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221854"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170","reference_id":"CVE-2023-33170","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-03T16:24:03Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-33170","reference_id":"CVE-2023-33170","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-33170"},{"reference_url":"https://github.com/advisories/GHSA-25c8-p796-jg6r","reference_id":"GHSA-25c8-p796-jg6r","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-25c8-p796-jg6r"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-25c8-p796-jg6r","reference_id":"GHSA-25c8-p796-jg6r","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-25c8-p796-jg6r"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4057","reference_id":"RHSA-2023:4057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4058","reference_id":"RHSA-2023:4058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4059","reference_id":"RHSA-2023:4059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4060","reference_id":"RHSA-2023:4060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4061","reference_id":"RHSA-2023:4061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4448","reference_id":"RHSA-2023:4448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4449","reference_id":"RHSA-2023:4449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4449"},{"reference_url":"https://usn.ubuntu.com/6217-1/","reference_id":"USN-6217-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6217-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66030?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@6.0.20"},{"url":"http://public2.vulnerablecode.io/api/packages/66031?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@7.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6yt3-svsa-wugc"},{"vulnerability":"VCID-as33-d56d-fqek"},{"vulnerability":"VCID-g1fd-q1xg-wbcv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@7.0.9"}],"aliases":["CVE-2023-33170","GHSA-25c8-p796-jg6r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-va1v-dc3f-pbfp"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm@3.1.21"}