Visual Studio 2022 Microsoft Visual Studio 2022

Do you want an email whenever new security vulnerabilities are reported in Microsoft Visual Studio 2022?

By the Year

In 2023 there have been 5 vulnerabilities in Microsoft Visual Studio 2022 with an average score of 7.4 out of ten. Last year Visual Studio 2022 had 16 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Visual Studio 2022 in 2023 could surpass last years number. Last year, the average CVE base score was greater by 0.50

Year Vulnerabilities Average Score
2023 5 7.36
2022 16 7.86
2021 1 7.80
2020 1 6.50
2019 0 0.00
2018 0 0.00

It may take a day or so for new Visual Studio 2022 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Visual Studio 2022 Security Vulnerabilities

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2023-21808 7.8 - High - February 14, 2023

.NET and Visual Studio Remote Code Execution Vulnerability

Visual Studio Remote Code Execution Vulnerability

CVE-2023-23381 7.8 - High - February 14, 2023

Visual Studio Remote Code Execution Vulnerability

Visual Studio Elevation of Privilege Vulnerability

CVE-2023-21566 7.8 - High - February 14, 2023

Visual Studio Elevation of Privilege Vulnerability

Visual Studio Denial of Service Vulnerability

CVE-2023-21567 5.6 - Medium - February 14, 2023

Visual Studio Denial of Service Vulnerability

Visual Studio Remote Code Execution Vulnerability

CVE-2023-21815 7.8 - High - February 14, 2023

Visual Studio Remote Code Execution Vulnerability

Visual Studio Remote Code Execution Vulnerability.

CVE-2022-41119 7.8 - High - November 09, 2022

Visual Studio Remote Code Execution Vulnerability.

NuGet Client Elevation of Privilege Vulnerability.

CVE-2022-41032 7.8 - High - October 11, 2022

NuGet Client Elevation of Privilege Vulnerability.

.NET Core and Visual Studio Denial of Service Vulnerability.

CVE-2022-38013 7.5 - High - September 13, 2022

.NET Core and Visual Studio Denial of Service Vulnerability.

Visual Studio Remote Code Execution Vulnerability

CVE-2022-35777 8.8 - High - August 09, 2022

Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35825, CVE-2022-35826, CVE-2022-35827.

Code Injection

Visual Studio Remote Code Execution Vulnerability

CVE-2022-35825 8.8 - High - August 09, 2022

Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35777, CVE-2022-35826, CVE-2022-35827.

Visual Studio Remote Code Execution Vulnerability

CVE-2022-35826 8.8 - High - August 09, 2022

Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35777, CVE-2022-35825, CVE-2022-35827.

Visual Studio Remote Code Execution Vulnerability

CVE-2022-35827 8.8 - High - August 09, 2022

Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35777, CVE-2022-35825, CVE-2022-35826.

.NET and Visual Studio Information Disclosure Vulnerability.

CVE-2022-30184 5.5 - Medium - June 15, 2022

.NET and Visual Studio Information Disclosure Vulnerability.

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-29117 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145.

Resource Exhaustion

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-29145 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29117.

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-23267 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145.

Resource Exhaustion

Visual Studio Elevation of Privilege Vulnerability.

CVE-2022-24513 7.8 - High - April 15, 2022

Visual Studio Elevation of Privilege Vulnerability.

GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.

CVE-2022-24767 7.8 - High - April 12, 2022

GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.

DLL preloading

.NET and Visual Studio Remote Code Execution Vulnerability.

CVE-2022-24512 8.8 - High - March 09, 2022

.NET and Visual Studio Remote Code Execution Vulnerability.

.NET and Visual Studio Denial of Service Vulnerability.

CVE-2022-24464 7.5 - High - March 09, 2022

.NET and Visual Studio Denial of Service Vulnerability.

.NET Denial of Service Vulnerability.

CVE-2022-21986 7.5 - High - February 09, 2022

.NET Denial of Service Vulnerability.

ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

CVE-2021-43877 7.8 - High - December 15, 2021

ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash

CVE-2020-8927 6.5 - Medium - September 15, 2020

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.

Classic Buffer Overflow

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Visual Studio 2022 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe