CVE-2023-35390

Name
CVE-2023-35390
Description
.NET and Visual Studio Remote Code Execution Vulnerability
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
vendor-advisory https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35390
MISC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V/
MISC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* visual-studio-2022 >= 17.2.0 < 17.2.18
cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:* visual-studio-2022 >= 17.4.0 < 17.4.10
cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:* visual-studio >= 17.6.0 < 17.6.6
cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* .net >= 6.0.0 < 6.0.21
cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:* .net >= 7.0.0 < 7.0.10

Vulnerable and fixed packages

Source package Branch Version Maintainer Status