Visual Studio DoS via malformed input
CVE-2024-30046 Published on May 14, 2024

Visual Studio Denial of Service Vulnerability
Visual Studio Denial of Service Vulnerability

Github Repository Vendor Advisory NVD

Weakness Type

What is a Race Condition Vulnerability?

The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

CVE-2024-30046 has been classified to as a Race Condition vulnerability or weakness.

Products Associated with CVE-2024-30046

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-30046 are published in these products:

Canonical Ubuntu Linux

Microsoft Net

Microsoft Visual Studio 2022

Microsoft Visual Studio

Affected Versions

Microsoft .NET 7.0:

Version 7.0.0 and below 7.0.19 is affected.

Microsoft .NET 8.0:

Version 8.0 and below 8.0.5 is affected.

Microsoft Visual Studio 2022 version 17.9:

Version 17.0 and below 17.9.7 is affected.

Microsoft Visual Studio 2022 version 17.4:

Version 17.4.0 and below 17.4.19 is affected.

Microsoft Visual Studio 2022 version 17.6:

Version 17.6.0 and below 17.6.15 is affected.

Microsoft Visual Studio 2022 version 17.8:

Version 17.8.0 and below 17.8.10 is affected.

Vulnerable Packages

The following package name and versions may be associated with CVE-2024-30046

Package Manager	Vulnerable Package	Versions	Fixed In
nuget	Microsoft.AspNetCore.App.Runtime.win-arm	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.linux-arm64	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.win-x86	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.win-x86	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.win-x64	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.win-x64	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.win-arm64	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.win-arm	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.linux-arm	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.linux-arm	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.linux-arm64	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.linux-musl-arm	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.linux-musl-arm	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.linux-musl-arm64	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.linux-musl-arm64	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.linux-musl-x64	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.linux-musl-x64	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.linux-x64	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.linux-x64	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.osx-arm64	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.osx-arm64	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.osx-x64	<= 7.0.18	7.0.19
nuget	Microsoft.AspNetCore.App.Runtime.osx-x64	>= 8.0.0, <= 8.0.4	8.0.5
nuget	Microsoft.AspNetCore.App.Runtime.win-arm64	<= 7.0.18	7.0.19

Exploit Probability

EPSS

0.18%

Percentile

39.48%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.