CVE-2022-24464 in Microsoft and Fedora Project Products
Published on March 9, 2022
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
Products Associated with CVE-2022-24464
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-24464 are published in these products:
Affected Versions
Microsoft .NET 6.0:- Version 6.0.0 and below 6.0.3 is affected.
- Version 5.0.0 and below 5.0.15 is affected.
- Version 3.1 and below 3.1.23 is affected.
- Version 16.0.0 and below 16.7.26 is affected.
- Version 15.0.0 and below 16.9.18 is affected.
- Version 16.11.0 and below 16.11.11 is affected.
- Version 17.0.0 and below 17.0.7 is affected.
Vulnerable Packages
The following package name and versions may be associated with CVE-2022-24464
| Package Manager | Vulnerable Package | Versions | Fixed In |
|---|---|---|---|
| nuget | Microsoft.AspNetCore.App.Runtime.linux-arm | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-arm64 | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-arm | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-musl-arm | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-arm | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-arm64 | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-musl-arm | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-musl-x64 | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-x64 | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.osx-arm64 | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.osx-x64 | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-arm | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-arm64 | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-x64 | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-x86 | >= 6.0.0, < 6.0.3 | 6.0.3 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-musl-x64 | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-arm | >= 3.0.0, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-arm64 | >= 3.0.0, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 | >= 3.0.0, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-musl-x64 | >= 3.0.0, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-x64 | >= 3.0.0, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.osx-x64 | >= 3.0.0, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-arm | >= 3.0.0, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-arm64 | >= 3.1.5, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-x64 | >= 3.0.0, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-x86 | >= 3.0.0, < 3.1.23 | 3.1.23 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-x64 | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-x64 | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.win-x86 | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.osx-x64 | >= 5.0.0, < 5.0.15 | 5.0.15 |
| nuget | Microsoft.AspNetCore.App.Runtime.linux-arm64 | >= 5.0.0, < 5.0.15 | 5.0.15 |
Exploit Probability
EPSS
2.38%
Percentile
84.77%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.