CVE-2021-26423 vulnerability in Microsoft Products
Published on August 12, 2021

Products Associated with CVE-2021-26423

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Affected Versions

Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8):

• Version 15.9.0 and below 15.9.38 is affected.

Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3):

• Version 16.0 and below 16.4.25 is affected.

Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6):

• Version 16.0.0 and below 16.7.18 is affected.

Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8):

• Version 15.0.0 and below 16.9.10 is affected.

Microsoft Visual Studio 2019 version 16.10 (includes 16.0 - 16.9):

• Version 16.10.0 and below 16.10.5 is affected.

Microsoft Visual Studio 2019 for Mac version 8.10:

• Version 8.1.0 and below 8.10.7 is affected.

Microsoft .NET Core 2.1:

• Version 2.1 and below 2.1.30 is affected.

Microsoft .NET Core 3.1:

• Version 3.1 and below 3.1.18 is affected.

Microsoft .NET 5.0:

• Version 5.0.0 and below 5.0.9 is affected.

Microsoft PowerShell Core 7.1:

• Version 7.1.0 and below 7.1.4 is affected.

Microsoft PowerShell Core 7.0:

• Version 7.0.0 and below 7.0.7 is affected.

Vulnerable Packages

The following package name and versions may be associated with CVE-2021-26423

Package Manager	Vulnerable Package	Versions	Fixed In
nuget	Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.linux-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.linux-arm64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.linux-arm	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.linux-x64	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.linux-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.linux-musl-x64	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.linux-musl-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.linux-musl-arm64	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.linux-musl-arm64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.linux-musl-arm	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.rhel.6-x64	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.linux-arm64	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.linux-arm64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.linux-arm	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.linux-arm	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.win-x86	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.win-x86	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.win-x64	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.win-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.win-arm64	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.win-arm64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.win-arm	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.win-arm	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.osx-x64	>= 3.1.0, < 3.1.18	3.1.18
nuget	Microsoft.NETCore.App.Runtime.osx-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.osx-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64	>= 5.0.0, < 5.0.9	5.0.9
nuget	Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64	>= 5.0.0, < 5.0.9	5.0.9

Exploit Probability