canonical ubuntu-linux CVE-2023-38180 vulnerability in Canonical and Other Products
Published on August 8, 2023

product logo product logo product logo product logo
.NET and Visual Studio Denial of Service Vulnerability

Github Repository Vendor Advisory NVD

Known Exploited Vulnerability

This Microsoft .NET Core and Visual Studio Denial of Service Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial of service.

The following remediation steps are recommended / required by August 30, 2023: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2023-38180 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.


Products Associated with CVE-2023-38180

You can be notified by stack.watch whenever vulnerabilities like CVE-2023-38180 are published in these products:

 
 
 
 
 

What versions are vulnerable to CVE-2023-38180?

Vulnerable Packages

The following package name and versions may be associated with CVE-2023-38180

Package Manager Vulnerable Package Versions Fixed In
nuget Microsoft.AspNetCore.App.Runtime.win-x86 >= 7.0.0, <= 7.0.9 7.0.10
nuget Microsoft.AspNetCore.App.Runtime.win-x64 >= 7.0.0, <= 7.0.9 7.0.10
nuget Microsoft.AspNetCore.App.Runtime.win-arm64 >= 7.0.0, <= 7.0.9 7.0.10