VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-wx18-a8wu-aaan

Essentials
Severities (125)
References (38)
Severity details (29)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-wx18-a8wu-aaan
Aliases	CVE-2022-29117 GHSA-3rq8-h3gj-r5c6
Summary	Uncontrolled Resource Consumption .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-400	Uncontrolled Resource Consumption
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-565	Reliance on Cookies without Validation and Integrity Checking

System	Score	Found at
rhas	Important	https://access.redhat.com/errata/RHSA-2022:2194
rhas	Important	https://access.redhat.com/errata/RHSA-2022:2195
rhas	Important	https://access.redhat.com/errata/RHSA-2022:2196
rhas	Important	https://access.redhat.com/errata/RHSA-2022:2199
rhas	Important	https://access.redhat.com/errata/RHSA-2022:2200
rhas	Important	https://access.redhat.com/errata/RHSA-2022:2202
rhas	Important	https://access.redhat.com/errata/RHSA-2022:4588
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json
epss	0.00067	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00080	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00080	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00080	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00174	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00202	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00202	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00202	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00202	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00202	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00202	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00202	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00202	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00202	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.00240	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01512	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.01811	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
epss	0.05763	https://api.first.org/data/v1/epss?cve=CVE-2022-29117
rhbs	high	https://bugzilla.redhat.com/show_bug.cgi?id=2083647
cvssv3.1	7.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-3rq8-h3gj-r5c6
cvssv3.1	7.5	https://github.com/dotnet/aspnetcore
cvssv3.1	8.1	https://github.com/dotnet/aspnetcore
generic_textual	HIGH	https://github.com/dotnet/aspnetcore
cvssv3.1	7.5	https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6
cvssv3.1_qr	HIGH	https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6
generic_textual	HIGH	https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY
cvssv3.1	7.5	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117
generic_textual	HIGH	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2022-29117
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-29117
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-29117
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2022-29117
cvssv3.1	7.5	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117
generic_textual	HIGH	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json
		https://api.first.org/data/v1/epss?cve=CVE-2022-29117
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/dotnet/aspnetcore
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/
		https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117
		https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117
2083647		https://bugzilla.redhat.com/show_bug.cgi?id=2083647
cpe:2.3:a:microsoft:.net:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net:5.0:::::::*
cpe:2.3:a:microsoft:.net:6.0.0:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net:6.0.0:-::::::
cpe:2.3:a:microsoft:.net_core:3.1:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_core:3.1:-::::::
cpe:2.3:a:microsoft:visual_studio_2019::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:visual_studio_2019::::::::
cpe:2.3:a:microsoft:visual_studio_2022:17.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:visual_studio_2022:17.0:::::::*
cpe:2.3:a:microsoft:visual_studio_2022:17.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:visual_studio_2022:17.1:::::::*
cpe:2.3:o:fedoraproject:fedora:34:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:34:::::::*
cpe:2.3:o:fedoraproject:fedora:35:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:35:::::::*
cpe:2.3:o:fedoraproject:fedora:36:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:36:::::::*
CVE-2022-29117		https://nvd.nist.gov/vuln/detail/CVE-2022-29117
GHSA-3rq8-h3gj-r5c6		https://github.com/advisories/GHSA-3rq8-h3gj-r5c6
GHSA-3rq8-h3gj-r5c6		https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6
RHSA-2022:2194		https://access.redhat.com/errata/RHSA-2022:2194
RHSA-2022:2195		https://access.redhat.com/errata/RHSA-2022:2195
RHSA-2022:2196		https://access.redhat.com/errata/RHSA-2022:2196
RHSA-2022:2199		https://access.redhat.com/errata/RHSA-2022:2199
RHSA-2022:2200		https://access.redhat.com/errata/RHSA-2022:2200
RHSA-2022:2202		https://access.redhat.com/errata/RHSA-2022:2202
RHSA-2022:4588		https://access.redhat.com/errata/RHSA-2022:4588

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/dotnet/aspnetcore

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Found at https://github.com/dotnet/aspnetcore

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2022-29117

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-29117

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-29117

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.31876
EPSS Score	0.00067
Published At	Jan. 16, 2025, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.