{"url":"http://public2.vulnerablecode.io/api/packages/66008?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@7.0.9","type":"nuget","namespace":"","name":"Microsoft.AspNetCore.App.Runtime.win-x64","version":"7.0.9","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"7.0.10","latest_non_vulnerable_version":"10.0.4","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45807?format=json","vulnerability_id":"VCID-6yt3-svsa-wugc","summary":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\n.NET Core and Visual Studio Denial of Service Vulnerability","references":[{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38178","reference_id":"CVE-2023-38178","reference_type":"","scores":[],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38178"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38178","reference_id":"CVE-2023-38178","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38178"},{"reference_url":"https://github.com/advisories/GHSA-p57v-gv7q-4xfm","reference_id":"GHSA-p57v-gv7q-4xfm","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-p57v-gv7q-4xfm"},{"reference_url":"https://github.com/dotnet/runtime/security/advisories/GHSA-p57v-gv7q-4xfm","reference_id":"GHSA-p57v-gv7q-4xfm","reference_type":"","scores":[],"url":"https://github.com/dotnet/runtime/security/advisories/GHSA-p57v-gv7q-4xfm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66523?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@7.0.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@7.0.10"}],"aliases":["CVE-2023-38178","GHSA-p57v-gv7q-4xfm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6yt3-svsa-wugc"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45605?format=json","vulnerability_id":"VCID-va1v-dc3f-pbfp","summary":"Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')\nASP.NET and Visual Studio Security Feature Bypass Vulnerability","references":[{"reference_url":"https://github.com/dotnet/aspnetcore/issues/49334","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/dotnet/aspnetcore/issues/49334"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170","reference_id":"CVE-2023-33170","reference_type":"","scores":[],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-33170","reference_id":"CVE-2023-33170","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-33170"},{"reference_url":"https://github.com/advisories/GHSA-25c8-p796-jg6r","reference_id":"GHSA-25c8-p796-jg6r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-25c8-p796-jg6r"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-25c8-p796-jg6r","reference_id":"GHSA-25c8-p796-jg6r","reference_type":"","scores":[],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-25c8-p796-jg6r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66007?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.20","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.20"},{"url":"http://public2.vulnerablecode.io/api/packages/66008?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@7.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6yt3-svsa-wugc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@7.0.9"}],"aliases":["CVE-2023-33170","GHSA-25c8-p796-jg6r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-va1v-dc3f-pbfp"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@7.0.9"}