gsd-2022-24512
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
.NET and Visual Studio Remote Code Execution Vulnerability
Aliases
Aliases
{ "GSD": { "alias": "CVE-2022-24512", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "id": "GSD-2022-24512", "references": [ "https://access.redhat.com/errata/RHSA-2022:0832", "https://access.redhat.com/errata/RHSA-2022:0830", "https://access.redhat.com/errata/RHSA-2022:0829", "https://access.redhat.com/errata/RHSA-2022:0828", "https://access.redhat.com/errata/RHSA-2022:0827", "https://access.redhat.com/errata/RHSA-2022:0826", "https://linux.oracle.com/cve/CVE-2022-24512.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2022-24512" ], "details": ".NET and Visual Studio Remote Code Execution Vulnerability", "id": "GSD-2022-24512", "modified": "2023-12-13T01:19:42.908063Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2022-24512", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "16.0.0", "version_value": "16.7.26" } ] } }, { "product_name": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "15.0.0", "version_value": "16.9.18" } ] } }, { "product_name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "16.11.0", "version_value": "16.11.11" } ] } }, { "product_name": "Microsoft Visual Studio 2022 version 17.0", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "17.0.0", "version_value": "17.0.7" } ] } }, { "product_name": ".NET 5.0", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "5.0.0", "version_value": "5.0.15" } ] } }, { "product_name": ".NET 6.0", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "6.0.0", "version_value": "6.0.3" } ] } }, { "product_name": ".NET Core 3.1", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "3.1", "version_value": "3.1.23" } ] } }, { "product_name": "PowerShell 7.2", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "7.2.0", "version_value": "7.2.2" } ] } }, { "product_name": "PowerShell 7.0", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "7.0.0", "version_value": "7.0.9" } ] } }, { "product_name": "PowerShell 7.1", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "7.1.0", "version_value": "7.1.6" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ] }, "impact": { "cvss": [ { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C", "version": "3.1" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512", "refsource": "MISC", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "8b1938eb-6a84-4111-af0f-18485dbc113e" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "64dbf739-8374-4c32-9f72-0833d473bc69" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "23922f15-b58a-4d88-aec4-38e8598d34bf" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "a23db459-d5a7-4a8c-a35d-619918ed4560" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.browser-wasm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "063036ab-4f0d-4461-a7f7-42c419fcd13e" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "82dc0fa8-38c3-4cc2-b8d6-12dd003c8317" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "3e4f5a2d-007e-4069-b95b-157b0c67f6bb" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "1797be0e-7009-44f6-abb1-7502cb4e9520" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "2d840f93-b836-4396-aa0b-1f7fbda70f24" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.browser-wasm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "49aed9aa-b86e-48f6-aa78-9ebaf9e2afb0" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "22d977b9-dca2-4276-8353-cb2dc97670c5" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "786171be-43a0-4879-a498-8f77c53229a3" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "9f714152-a571-4c2d-a4ec-a982c3d13fd7" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "d8e1b6fc-777c-4f4b-b9a4-b0527c0f08af" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "36a0bf69-5f03-481b-8660-9dba6ba9d43c" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "2c08fd81-1818-4edb-a552-0d6fcbb74161" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "e48adff9-2492-43bb-b40a-bc1d81a01f59" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvos-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "46b9e502-1e6a-4410-a267-cfe3b84e5f5e" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "6be33889-ef86-4b33-8290-7e8314a7dfb4" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "f0b003bf-effd-4318-850b-d7f120e5b5bc" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "5ed14687-2713-4a3f-9b32-12e3671afa0f" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "1a02b37f-23d6-4a8a-a29b-8c17414c6d59" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "87a7108e-c91b-4198-bec7-cc5101b89583" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "cef07dc9-7d12-4ece-b526-bb9a5022d68d" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "3212a3b4-ef57-4585-80cc-d757b0d14c4d" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "0ac23687-c4f2-4b0c-8e5c-ed3591ab77a6" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "ec670797-6de9-4a91-bade-2b26d4cca0cd" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "b6e778b5-62bc-429f-99ff-0a49890f4f20" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "5eba2eca-2b6d-4994-bbce-2d86cf667de5" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "ba159a4f-c195-4be3-af89-62c1f74aed23" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "699a2049-0666-42d6-9055-5970c9762e95" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "0b584ee6-bb6a-4878-8edd-4f47dce42910" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "d1c4f0e1-f8ec-43c0-b20a-2857e0190a05" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "376bcfd1-a1c3-4037-8b28-ca8c557615f1" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "0bcdabb5-50bd-4923-af03-8969f7a1e207" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "249f1d22-50e9-4cd6-b591-a44fbbf6382d" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "23e016eb-82fd-43d5-9968-1dfc5e9862ab" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "210d3736-6507-4c6d-af74-10b8b75f70e5" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "85218d03-2fca-4199-aa06-3b4a3872ddb5" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "a865a177-6e12-4582-b00d-be6227d71f1d" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "a619a5e7-f4f1-47c3-ae6a-faa68b1504c4" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "04240794-c781-4ef4-888e-5922648b0d8e" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "661fe3cb-97d7-437e-af6d-1b628a5e5f94" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "15e482bd-9388-47b0-b8ec-ba8c237a1058" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "55a2d927-e2ff-4e5a-bf4d-38fff382e9c6" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "da95c2fe-c481-4f1e-9c73-716efdc3f654" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "be70ffab-a59f-459a-976f-794ccce51eaf" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "f1d47144-ee88-43e3-bc79-8dcbacc39d82" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "ef553da9-9751-4053-a29f-999e2698def2" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "cab2655c-95cd-498a-8741-17db10c42890" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "db8b1c31-2615-4b5b-8d3b-134554c0958d" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.android-x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "d5dd9637-43ad-45c0-b545-8ac5500dec9e" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "52285aab-f729-4bab-85b7-c9f95438a8d7" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "16058bca-2b0c-4856-b7a9-c8088652aec3" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "925e1c83-f788-4b1c-9965-2c9b68337e2f" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.browser-wasm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "48ed93c8-a752-4e5f-a4f3-a8b4b3878ce6" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "2edb0097-c813-4e2d-b53c-5aca91895946" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "53b8df8a-4680-472a-aa76-333094f9ec4d" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "40205b3e-1d43-4be6-9603-0ffe912f34b9" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "b88c728e-0f11-4264-978c-391b73126b8e" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "cd84c8af-f352-459a-8dc3-1fede854a379" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "5efc246a-6fbc-4fa3-99e5-710bfa0b6d18" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "872ae514-ba47-4f20-86b8-6680dd4df487" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.ios-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "6885deb2-0295-48d6-b637-067e02974407" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "397b63b3-5e43-47a5-a26d-c7df47c505e9" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "138eeaf7-889a-4e13-b0f3-6a4e88db98ad" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "dc2cf043-6d97-434b-b0ca-dd87a6a29a38" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "d1060a9b-e6a0-4c30-81ec-f9e525be1fb8" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "2c59726f-869f-441f-ae6c-f36f7c7f89ce" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "3580c5b2-ffd7-4051-92f0-64f187899b90" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "1943fc7b-951a-4ade-a24d-92d789d67aff" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "b6833474-f69d-4082-9995-32af4a63c88a" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "c526cbcf-fd1d-403f-acde-50c7b74657c4" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "3ee84776-2660-4422-9400-1fe8611de64e" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "ed75b16a-2e92-4d7c-85a4-a6a7b6019f84" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.linux-arm", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "6857e209-4293-40e2-8ba8-cf092d9d3a21" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.linux-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "f3be5003-63c6-4859-ad56-cb7ff5525355" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "0efba5b9-d708-4c9b-82ea-41346d518ab0" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.linux-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "2addef50-4815-45bc-b458-19e8c2b41543" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "f5d90a2e-62d5-4beb-86ce-5adb619be653" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "52257464-58de-464e-949d-1c5760464bc1" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "24b85508-9dda-4b59-b5b4-82e4c454437f" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "ecf37366-6e46-4978-82eb-704543733cc1" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "04cf82b3-c2ed-49f4-b22e-69299596f80d" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "91ba040b-6e60-40ec-b743-d1e73bc26bab" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "7d259003-fafe-4286-afa6-0697b5bbef1e" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "dc99c022-3806-45dc-a4fb-0f12d53853a1" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.osx-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "a0c53b5e-b209-427a-ab8c-b0716e7772d2" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.osx-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "cdd1c235-bd3f-4f79-8637-7848c1068f2a" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "a7cee83e-d284-4077-ad0e-4774586a5898" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "972fc3d3-b841-439f-aa5d-6d8898748eab" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "79ca49f1-30a7-421a-8ff0-5e350dd7c3e6" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvos-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "be389a42-1629-413a-a099-092e03e1a40d" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "ae9838f7-8e8a-4788-a01f-1ff0ccd6dfac" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "ac19e00d-1964-4caf-a8d8-a8464d7f93a9" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "92dd1e73-7bd7-4679-99bf-e1ccf3288c77" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "47608227-50d6-4042-80cc-932e6098f28c" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "53d40e1c-6ebb-4dd7-86a1-1218fc16d494" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "e3181998-ed6d-49a2-bd51-be44e2c7c99a" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "381da91c-cc4a-4005-9b19-527e09e93f75" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "329e1fde-e54f-4dec-a55a-1e594968db07" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.win-x64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "b9c41756-ab76-4468-a94a-9bc6145f6105" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.Mono.win-x86", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "49057948-a562-453c-ac39-a608a891fd18" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.linux-arm", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "d7cded18-1354-487b-99a5-d648d89a9320" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.linux-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "5abedca8-0922-439d-93c8-a0cb2b41065c" }, { "affected_range": "[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm", "pubdate": "2022-10-18", "solution": "Upgrade to versions 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "96d5e758-3898-4a22-a92e-2b806b8587ea" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.linux-musl-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "f53ddb90-6b17-470d-966d-9a410fc9644c" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.linux-musl-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "be2714ed-3c73-432e-a45c-0e9a7107b8cd" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.linux-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "05ae7d03-8530-4222-b61b-9c116f086f9f" }, { "affected_range": "[6.0.0,6.0.3)", "affected_versions": "All versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.osx-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to version 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "58373e35-ea80-4d5c-ba11-cab8d9ee6714" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.osx-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "c67c2a10-8f80-4dd6-9c6c-d06fc2054cff" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.win-arm", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "5fd32d0f-dc56-4380-b6ed-a05db616d84a" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.win-arm64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "96ca9a44-0282-4c52-a5f2-820529e69e32" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.win-x64", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "e2e78c39-f299-4c83-b53e-6ce2803263d1" }, { "affected_range": "[3.0.0,3.1.23),[5.0.0,5.0.15),[6.0.0,6.0.3)", "affected_versions": "All versions starting from 3.0.0 before 3.1.23, all versions starting from 5.0.0 before 5.0.15, all versions starting from 6.0.0 before 6.0.3", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-78", "CWE-937" ], "date": "2022-10-18", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "3.1.23", "5.0.15", "6.0.3" ], "identifier": "CVE-2022-24512", "identifiers": [ "GHSA-c6w8-7mp3-34j9", "CVE-2022-24512" ], "not_impacted": "All versions before 3.0.0, all versions starting from 3.1.23 before 5.0.0, all versions starting from 5.0.15 before 6.0.0, all versions starting from 6.0.3", "package_slug": "nuget/Microsoft.NETCore.App.Runtime.win-x86", "pubdate": "2022-10-18", "solution": "Upgrade to versions 3.1.23, 5.0.15, 6.0.3 or above.", "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "urls": [ "https://github.com/dotnet/runtime/security/advisories/GHSA-c6w8-7mp3-34j9", "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://github.com/dotnet/announcements/issues/213", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://github.com/advisories/GHSA-c6w8-7mp3-34j9" ], "uuid": "fb7536d5-8ac6-4c0e-9135-a1882c511679" }, { "affected_range": "[5.0,6.0.0]", "affected_versions": "All versions starting from 5.0 up to 6.0.0", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-937" ], "date": "2022-05-12", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [], "identifier": "CVE-2022-24512", "identifiers": [ "CVE-2022-24512" ], "not_impacted": "", "package_slug": "nuget/System.Text.Encodings.Web", "pubdate": "2022-03-09", "solution": "Unfortunately, there is no solution available yet.", "title": "Code Injection", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512" ], "uuid": "3e03e60f-954d-44b4-94f2-38bb9bac4d86" }, { "affected_range": "[7.0,7.0.9),[7.1,7.1.6),[7.2,7.2.2)", "affected_versions": "All versions starting from 7.0 before 7.0.9, all versions starting from 7.1 before 7.1.6, all versions starting from 7.2 before 7.2.2", "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "cwe_ids": [ "CWE-1035", "CWE-937" ], "date": "2023-06-29", "description": ".NET and Visual Studio Remote Code Execution Vulnerability.", "fixed_versions": [ "7.0.9", "7.1.6", "7.2.2" ], "identifier": "CVE-2022-24512", "identifiers": [ "CVE-2022-24512" ], "not_impacted": "", "package_slug": "nuget/powershell", "pubdate": "2022-03-09", "solution": "Upgrade to version 7.0.9, 7.1.6, 7.2.2 or above.", "title": "Remote Code Execution", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2022-24512", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRGSPXMZY4RM2L35FYHCXBFROLC23B2V/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OS2Q4NPRSARP7GHLKFLIYHFOPSYDO6MK/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIJGCVKLHVNLFBTEYJGWS43QG5DYJFBL/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF/" ], "uuid": "c11f56e3-806c-44bd-a7ee-12bc81a4e13b" } ] }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C8F02D5C-61F1-4381-8D64-8BEB5CED0DC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_core:3.1:-:*:*:*:*:*:*", "matchCriteriaId": "70BE107E-20A0-4998-A8ED-BCC414C6BDBF", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "matchCriteriaId": "77F72A4A-239D-4362-B42C-2B125FD977AB", "versionEndExcluding": "7.0.9", "versionStartIncluding": "7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2C644EF-33B6-440F-8051-6A0D3C096F67", "versionEndExcluding": "7.1.6", "versionStartIncluding": "7.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD5CE10E-FCBF-4FBA-9B4E-BEB7F7E902A1", "versionEndExcluding": "7.2.2", "versionStartIncluding": "7.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6222A0C-EC9B-4AB2-A89F-5D62B381A212", "versionEndIncluding": "16.6.4", "versionStartIncluding": "16.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "matchCriteriaId": "367AC9B2-D639-40F6-93FB-822F73E65C30", "versionEndExcluding": "16.7.26", "versionStartIncluding": "16.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC9599DF-664B-4630-9FCD-7FCD846728A1", "versionEndIncluding": "16.8.7", "versionStartIncluding": "16.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "matchCriteriaId": "4338A4F9-0FE2-40F4-B184-86B9F5EF1EED", "versionEndExcluding": "16.9.18", "versionStartIncluding": "16.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B6E2777-4D9B-4710-9575-250B04E1AE0C", "versionEndIncluding": "16.10.4", "versionStartIncluding": "16.10.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1265006-B9CB-4E89-B6E8-F9EC1D6C7405", "versionEndExcluding": "16.11.11", "versionStartIncluding": "16.11.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C72810F-D156-49CE-A325-7E6A63C9E4A3", "versionEndExcluding": "17.0.7", "versionStartIncluding": "17.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" }, { "lang": "es", "value": "Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota en .NET y Visual Studio" } ], "id": "CVE-2022-24512", "lastModified": "2023-12-21T01:43:55.993", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "secure@microsoft.com", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Secondary" } ] }, "published": "2022-03-09T17:15:15.737", "references": [ { "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] } } } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.