{"url":"http://public2.vulnerablecode.io/api/packages/65402?format=json","purl":"pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.16","type":"nuget","namespace":"","name":"Microsoft.NETCore.App.Runtime.linux-musl-arm64","version":"6.0.16","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"6.0.18","latest_non_vulnerable_version":"10.0.4","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45368?format=json","vulnerability_id":"VCID-7pxy-azw1-3uef","summary":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\n.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability","references":[{"reference_url":"https://github.com/dotnet/announcements/issues/257","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/dotnet/announcements/issues/257"},{"reference_url":"https://support.microsoft.com/kb/5025823","reference_id":"","reference_type":"","scores":[],"url":"https://support.microsoft.com/kb/5025823"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331","reference_id":"CVE-2023-29331","reference_type":"","scores":[],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29331","reference_id":"CVE-2023-29331","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29331"},{"reference_url":"https://github.com/advisories/GHSA-555c-2p6r-68mm","reference_id":"GHSA-555c-2p6r-68mm","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-555c-2p6r-68mm"},{"reference_url":"https://github.com/dotnet/runtime/security/advisories/GHSA-555c-2p6r-68mm","reference_id":"GHSA-555c-2p6r-68mm","reference_type":"","scores":[],"url":"https://github.com/dotnet/runtime/security/advisories/GHSA-555c-2p6r-68mm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/65405?format=json","purl":"pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18"},{"url":"http://public2.vulnerablecode.io/api/packages/65406?format=json","purl":"pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7"}],"aliases":["CVE-2023-29331","GHSA-555c-2p6r-68mm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pxy-azw1-3uef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45367?format=json","vulnerability_id":"VCID-qkfu-3ybz-qucf","summary":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\n.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability","references":[{"reference_url":"https://github.com/dotnet/announcements/issues/259","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/dotnet/announcements/issues/259"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936","reference_id":"CVE-2023-24936","reference_type":"","scores":[],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24936","reference_id":"CVE-2023-24936","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24936"},{"reference_url":"https://github.com/advisories/GHSA-jx7q-xxmw-44vf","reference_id":"GHSA-jx7q-xxmw-44vf","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-jx7q-xxmw-44vf"},{"reference_url":"https://github.com/dotnet/runtime/security/advisories/GHSA-jx7q-xxmw-44vf","reference_id":"GHSA-jx7q-xxmw-44vf","reference_type":"","scores":[],"url":"https://github.com/dotnet/runtime/security/advisories/GHSA-jx7q-xxmw-44vf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/65405?format=json","purl":"pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.18"},{"url":"http://public2.vulnerablecode.io/api/packages/65406?format=json","purl":"pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@7.0.7"}],"aliases":["CVE-2023-24936","GHSA-jx7q-xxmw-44vf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qkfu-3ybz-qucf"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64@6.0.16"}