{"url":"http://public2.vulnerablecode.io/api/packages/68698?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.0","type":"nuget","namespace":"","name":"Microsoft.AspNetCore.App.Runtime.win-x64","version":"6.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46938?format=json","vulnerability_id":"VCID-35e6-fjfc-p3h1","summary":".NET Information Disclosure Vulnerability\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.\n\nAn information disclosure vulnerability exists in .NET Core 3.1 and .NET 6.0 that could lead to unauthorized access of privileged information.\n\n## <a name=\"affected-software\"></a>Affected software\n\n* Any .NET 6.0 application running on .NET 6.0.7 or earlier.\n* Any .NET Core 3.1 applicaiton running on .NET Core 3.1.27 or earlier.\n\nIf your application uses the following package versions, ensure you update to the latest version of .NET.\n\n### <a name=\".NET Core 3.1\"></a>.NET Core 3.1\n\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[System.Security.Cryptography.Xml](http://system.security)| <=4.7.0| 4.7.1\n[Microsoft.AspNetCore.App.Runtime.win-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-x64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.win-x86](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x86)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.osx-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-x64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-musl-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-x64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.win-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.win-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64)| >=3.1.0, 3.1.27| 3.1.28\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm)| >=3.1.0, 3.1.27| 3.1.28\n\n### <a name=\".NET 6\"></a>.NET 6\n\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[System.Security.Cryptography.Xml](https://www.nuget.org/packages/System.Security.Cryptography.Xml)| >=5.0.0, 6.0.0| 6.0.1\n[Microsoft.AspNetCore.App.Runtime.win-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-x64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.win-x86](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-x86)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.osx-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-x64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-musl-x64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-x64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-arm)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.win-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.win-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.win-arm)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.osx-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.osx-arm64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm64](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64)| >=6.0.0, 6.0.7| 6.0.8\n[Microsoft.AspNetCore.App.Runtime.linux-musl-arm](https://www.nuget.org/packages/Microsoft.AspNetCore.App.Runtime.linux-musl-arm)| >=6.0.0, 6.0.7| 6.0.8\n\n## Patches\n\n\n* If you're using .NET 6.0, you should download and install Runtime 6.0.8 or SDK 6.0.108 (for Visual Studio 2022 v17.1) from https://dotnet.microsoft.com/download/dotnet-core/6.0.\n* If you're using .NET Core 3.1, you should download and install Runtime 3.1.28 (for Visual Studio 2019 v16.9) from https://dotnet.microsoft.com/download/dotnet-core/3.1.\n\n\n### Other\n\nAnnouncement for this issue can be found at https://github.com/dotnet/announcements/issues/232\nAn Issue for this can be found at https://github.com/dotnet/aspnetcore/issues/43166\nMSRC details for this can be found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34716.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34716.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.73739","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.73756","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.7377","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.73729","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.73765","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34716"},{"reference_url":"https://github.com/dotnet/announcements/issues/232","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/232"},{"reference_url":"https://github.com/dotnet/aspnetcore/issues/43166","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/issues/43166"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T20:04:18Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34716"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34716"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115183","reference_id":"2115183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2115183"},{"reference_url":"https://github.com/advisories/GHSA-vh55-786g-wjwj","reference_id":"GHSA-vh55-786g-wjwj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vh55-786g-wjwj"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-vh55-786g-wjwj","reference_id":"GHSA-vh55-786g-wjwj","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-vh55-786g-wjwj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6037","reference_id":"RHSA-2022:6037","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6038","reference_id":"RHSA-2022:6038","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6043","reference_id":"RHSA-2022:6043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6057","reference_id":"RHSA-2022:6057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6058","reference_id":"RHSA-2022:6058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6058"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68701?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.8"}],"aliases":["CVE-2022-34716","GHSA-vh55-786g-wjwj","GMS-2024-75","GMS-2024-76","GMS-2024-77","GMS-2024-78","GMS-2024-79","GMS-2024-80","GMS-2024-81","GMS-2024-82","GMS-2024-83","GMS-2024-84","GMS-2024-85","GMS-2024-86","GMS-2024-90"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35e6-fjfc-p3h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109912?format=json","vulnerability_id":"VCID-4r5z-ne8d-byea","summary":"Duplicate Advisory: .NET Information Disclosure Vulnerability\n# Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-vh55-786g-wjwj. This link is maintained to preserve external references.\n\n# Original Description\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET 6.0.  An information disclosure vulnerability exists in .NET Core 3.1 and .NET 6.0 that could lead to unauthorized access of privileged information.\n\n## Affected software\n\n* Any .NET 6.0 application running on .NET 6.0.7 or earlier.\n* Any .NET Core 3.1 applicaiton running on .NET Core 3.1.27 or earlier.\n\n## Patches\n\n* If you're using .NET 6.0, you should download and install Runtime 6.0.8 or SDK 6.0.108 (for Visual Studio 2022 v17.1) from https://dotnet.microsoft.com/download/dotnet-core/6.0.\n* If you're using .NET Core 3.1, you should download and install Runtime 3.1.28 (for Visual Studio 2019 v16.9) from https://dotnet.microsoft.com/download/dotnet-core/3.1.","references":[{"reference_url":"https://github.com/dotnet/announcements/issues/232","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/232"},{"reference_url":"https://github.com/dotnet/aspnetcore/issues/43166","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/issues/43166"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34716"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34716","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34716"},{"reference_url":"https://github.com/advisories/GHSA-2m65-m22p-9wjw","reference_id":"GHSA-2m65-m22p-9wjw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2m65-m22p-9wjw"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-vh55-786g-wjwj","reference_id":"GHSA-vh55-786g-wjwj","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-vh55-786g-wjwj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68701?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.8"}],"aliases":["GHSA-2m65-m22p-9wjw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4r5z-ne8d-byea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42607?format=json","vulnerability_id":"VCID-4ycx-mrvt-b7du","summary":"This advisory has been marked as False-Positive and removed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24464.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24464","reference_id":"","reference_type":"","scores":[{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70958","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70941","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70983","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.7099","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70973","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24464"},{"reference_url":"https://github.com/dotnet/announcements/issues/212","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/212"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-cw98-9j8w-wxv9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-cw98-9j8w-wxv9"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:00:22Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2061847","reference_id":"2061847","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2061847"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24464","reference_id":"CVE-2022-24464","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24464"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464","reference_id":"CVE-2022-24464","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464"},{"reference_url":"https://github.com/advisories/GHSA-cw98-9j8w-wxv9","reference_id":"GHSA-cw98-9j8w-wxv9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cw98-9j8w-wxv9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0826","reference_id":"RHSA-2022:0826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0827","reference_id":"RHSA-2022:0827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0828","reference_id":"RHSA-2022:0828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0829","reference_id":"RHSA-2022:0829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0830","reference_id":"RHSA-2022:0830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0832","reference_id":"RHSA-2022:0832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0832"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144899?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.3"}],"aliases":["CVE-2022-24464","GHSA-cw98-9j8w-wxv9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ycx-mrvt-b7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45798?format=json","vulnerability_id":"VCID-dq9y-u457-6uhc","summary":"Uncontrolled Resource Consumption\n.NET and Visual Studio Denial of Service Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38180.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38180","reference_id":"","reference_type":"","scores":[{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75739","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75752","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75761","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75764","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38180"},{"reference_url":"https://github.com/dotnet/runtime","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/runtime"},{"reference_url":"https://github.com/dotnet/runtime/issues/90170","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/runtime/issues/90170"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-38180","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-38180"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228621","reference_id":"2228621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228621"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180","reference_id":"CVE-2023-38180","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-24T20:42:20Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38180","reference_id":"CVE-2023-38180","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38180"},{"reference_url":"https://github.com/advisories/GHSA-vmch-3w2x-vhgq","reference_id":"GHSA-vmch-3w2x-vhgq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vmch-3w2x-vhgq"},{"reference_url":"https://github.com/dotnet/runtime/security/advisories/GHSA-vmch-3w2x-vhgq","reference_id":"GHSA-vmch-3w2x-vhgq","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/runtime/security/advisories/GHSA-vmch-3w2x-vhgq"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4639","reference_id":"RHSA-2023:4639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4640","reference_id":"RHSA-2023:4640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4641","reference_id":"RHSA-2023:4641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4641"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4642","reference_id":"RHSA-2023:4642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4643","reference_id":"RHSA-2023:4643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4644","reference_id":"RHSA-2023:4644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4645","reference_id":"RHSA-2023:4645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4645"},{"reference_url":"https://usn.ubuntu.com/6278-1/","reference_id":"USN-6278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6278-1/"},{"reference_url":"https://usn.ubuntu.com/6278-2/","reference_id":"USN-6278-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6278-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66524?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.21"},{"url":"http://public2.vulnerablecode.io/api/packages/66523?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@7.0.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@7.0.10"}],"aliases":["CVE-2023-38180","GHSA-vmch-3w2x-vhgq"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dq9y-u457-6uhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43306?format=json","vulnerability_id":"VCID-eayc-8yee-3fdd","summary":"This advisory has been marked as False-Positive and removed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29117","reference_id":"","reference_type":"","scores":[{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.80671","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.80695","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.807","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.80698","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.80692","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29117"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:34:50Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083647","reference_id":"2083647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083647"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29117","reference_id":"CVE-2022-29117","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29117"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117","reference_id":"CVE-2022-29117","reference_type":"","scores":[],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117"},{"reference_url":"https://github.com/advisories/GHSA-3rq8-h3gj-r5c6","reference_id":"GHSA-3rq8-h3gj-r5c6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3rq8-h3gj-r5c6"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2194","reference_id":"RHSA-2022:2194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2195","reference_id":"RHSA-2022:2195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2196","reference_id":"RHSA-2022:2196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2199","reference_id":"RHSA-2022:2199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2200","reference_id":"RHSA-2022:2200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2202","reference_id":"RHSA-2022:2202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4588","reference_id":"RHSA-2022:4588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144786?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.5"}],"aliases":["CVE-2022-29117","GHSA-3rq8-h3gj-r5c6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eayc-8yee-3fdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102666?format=json","vulnerability_id":"VCID-ezwq-a93y-3be1","summary":"dotnet: parsing HTML causes Denial of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29145.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29145","reference_id":"","reference_type":"","scores":[{"value":"0.04164","scoring_system":"epss","scoring_elements":"0.88891","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04164","scoring_system":"epss","scoring_elements":"0.88875","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04164","scoring_system":"epss","scoring_elements":"0.88892","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29145"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-fcg8-mg9g-6hc4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-fcg8-mg9g-6hc4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T13:50:08Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29145","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29145"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083649","reference_id":"2083649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083649"},{"reference_url":"https://github.com/advisories/GHSA-fcg8-mg9g-6hc4","reference_id":"GHSA-fcg8-mg9g-6hc4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fcg8-mg9g-6hc4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2194","reference_id":"RHSA-2022:2194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2195","reference_id":"RHSA-2022:2195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2196","reference_id":"RHSA-2022:2196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2199","reference_id":"RHSA-2022:2199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2200","reference_id":"RHSA-2022:2200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2202","reference_id":"RHSA-2022:2202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4588","reference_id":"RHSA-2022:4588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144786?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.5"}],"aliases":["CVE-2022-29145","GHSA-fcg8-mg9g-6hc4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezwq-a93y-3be1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42327?format=json","vulnerability_id":"VCID-fye5-kup4-mkfn","summary":"Denial Of Service\nThis advisory has been marked as a false positive.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21986.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21986.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21986","reference_id":"","reference_type":"","scores":[{"value":"0.017","scoring_system":"epss","scoring_elements":"0.82632","published_at":"2026-06-04T12:55:00Z"},{"value":"0.017","scoring_system":"epss","scoring_elements":"0.8265","published_at":"2026-06-08T12:55:00Z"},{"value":"0.017","scoring_system":"epss","scoring_elements":"0.82656","published_at":"2026-06-07T12:55:00Z"},{"value":"0.017","scoring_system":"epss","scoring_elements":"0.82658","published_at":"2026-06-06T12:55:00Z"},{"value":"0.017","scoring_system":"epss","scoring_elements":"0.82659","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21986"},{"reference_url":"https://github.com/dotnet/announcements/issues/207","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/207"},{"reference_url":"https://github.com/dotnet/aspnetcore","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore"},{"reference_url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-x459-p2rx-f8ff","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/aspnetcore/security/advisories/GHSA-x459-p2rx-f8ff"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HMQOHV7G5TF6OMBN6DNTDOKQQU7KHMM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCTBSBE3PNIMXG6ALX2CQG4ZEH7W3YAT/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051490","reference_id":"2051490","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051490"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-21986","reference_id":"CVE-2022-21986","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-21986"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21986","reference_id":"CVE-2022-21986","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21986"},{"reference_url":"https://github.com/advisories/GHSA-x459-p2rx-f8ff","reference_id":"GHSA-x459-p2rx-f8ff","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x459-p2rx-f8ff"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0495","reference_id":"RHSA-2022:0495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0496","reference_id":"RHSA-2022:0496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0499","reference_id":"RHSA-2022:0499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0500","reference_id":"RHSA-2022:0500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0500"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144555?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.2"}],"aliases":["CVE-2022-21986","GHSA-x459-p2rx-f8ff"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fye5-kup4-mkfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43305?format=json","vulnerability_id":"VCID-knv1-ccs2-z3h9","summary":"Uncontrolled Resource Consumption\n.NET, Visual Studio and PowerShell Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23267.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23267.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23267","reference_id":"","reference_type":"","scores":[{"value":"0.06422","scoring_system":"epss","scoring_elements":"0.91219","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06422","scoring_system":"epss","scoring_elements":"0.91213","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06422","scoring_system":"epss","scoring_elements":"0.91226","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06422","scoring_system":"epss","scoring_elements":"0.91223","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23267"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dotnet/announcements/issues/221","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/221"},{"reference_url":"https://github.com/dotnet/runtime/security/advisories/GHSA-485p-mrj5-8w2v","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/runtime/security/advisories/GHSA-485p-mrj5-8w2v"},{"reference_url":"https://github.com/PowerShell/Announcements/issues/32","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/PowerShell/Announcements/issues/32"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:36:15Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083650","reference_id":"2083650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083650"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23267","reference_id":"CVE-2022-23267","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23267"},{"reference_url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267","reference_id":"CVE-2022-23267","reference_type":"","scores":[],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267"},{"reference_url":"https://github.com/advisories/GHSA-485p-mrj5-8w2v","reference_id":"GHSA-485p-mrj5-8w2v","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-485p-mrj5-8w2v"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2194","reference_id":"RHSA-2022:2194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2195","reference_id":"RHSA-2022:2195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2196","reference_id":"RHSA-2022:2196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2199","reference_id":"RHSA-2022:2199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2200","reference_id":"RHSA-2022:2200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2202","reference_id":"RHSA-2022:2202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4588","reference_id":"RHSA-2022:4588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144786?format=json","purl":"pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.5"}],"aliases":["CVE-2022-23267","GHSA-485p-mrj5-8w2v"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-knv1-ccs2-z3h9"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64@6.0.0"}