cvelistv5 - cve-2024-50338

cve-2024-50338

Vulnerability from cvelistv5

Published

2025-01-14 18:11

Modified

2025-01-14 18:35

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Summary

Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git's documentation restricts the use of the NUL (`\0`) character and newlines to form part of the keys or values. When Git reads from standard input, it considers both LF and CRLF as newline characters for the credential protocol by virtue of calling `strbuf_getline` that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\n`), and errors if this is the case. This captures both LF and CRLF-type newlines. Git Credential Manager uses the .NET standard library `StreamReader` class to read the standard input stream line-by-line and parse the `key=value` credential protocol format. The implementation of the `ReadLineAsync` method considers LF, CRLF, and CR as valid line endings. This is means that .NET considers a single CR as a valid newline character, whereas Git does not. This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL. When a user clones or otherwise interacts with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the `--recursive` clone option as the user is not able to inspect the submodule remote URLs beforehand. This issue has been patched in version 2.6.1 and all users are advised to upgrade. Users unable to upgrade should only interact with trusted remote repositories, and not clone with `--recursive` to allow inspection of any submodule URLs before cloning those submodules.

References

▼	URL	Tags
	security-advisories@github.com	https://git-scm.com/docs/git-credential#IOFMT
	security-advisories@github.com	https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926
	security-advisories@github.com	https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141
	security-advisories@github.com	https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b
	security-advisories@github.com	https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1
	security-advisories@github.com	https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g
	security-advisories@github.com	https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311
	security-advisories@github.com	https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0

Impacted products

	Vendor	Product	Version
	git-ecosystem	git-credential-manager	Version: < 2.6.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50338",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-14T18:35:22.661757Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-14T18:35:33.115Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "git-credential-manager",
          "vendor": "git-ecosystem",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.6.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git\u0027s documentation restricts the use of the NUL (`\\0`) character and newlines to form part of the keys or values. When Git reads from standard input, it considers both LF and CRLF as newline characters for the credential protocol by virtue of calling `strbuf_getline` that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\\n`), and errors if this is the case. This captures both LF and CRLF-type newlines. Git Credential Manager uses the .NET standard library `StreamReader` class to read the standard input stream line-by-line and parse the `key=value` credential protocol format. The implementation of the `ReadLineAsync` method considers LF, CRLF, and CR as valid line endings. This is means that .NET considers a single CR as a valid newline character, whereas Git does not. This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL. When a user clones or otherwise interacts with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the `--recursive` clone option as the user is not able to inspect the submodule remote URLs beforehand. This issue has been patched in version 2.6.1 and all users are advised to upgrade. Users unable to upgrade should only interact with trusted remote repositories, and not clone with `--recursive` to allow inspection of any submodule URLs before cloning those submodules."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-14T18:11:23.188Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g"
        },
        {
          "name": "https://git-scm.com/docs/git-credential#IOFMT",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git-scm.com/docs/git-credential#IOFMT"
        },
        {
          "name": "https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926"
        },
        {
          "name": "https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141"
        },
        {
          "name": "https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b"
        },
        {
          "name": "https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1"
        },
        {
          "name": "https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311"
        },
        {
          "name": "https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0"
        }
      ],
      "source": {
        "advisory": "GHSA-86c2-4x57-wc8g",
        "discovery": "UNKNOWN"
      },
      "title": "Carriage-return character in remote URL allows malicious repository to leak credentials in Git Credential Manager"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-50338",
    "datePublished": "2025-01-14T18:11:23.188Z",
    "dateReserved": "2024-10-22T17:54:40.954Z",
    "dateUpdated": "2025-01-14T18:35:33.115Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-50338\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-01-14T19:15:31.967\",\"lastModified\":\"2025-01-14T19:15:31.967\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git\u0027s documentation restricts the use of the NUL (`\\\\0`) character and newlines to form part of the keys or values. When Git reads from standard input, it considers both LF and CRLF as newline characters for the credential protocol by virtue of calling `strbuf_getline` that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\\\\n`), and errors if this is the case. This captures both LF and CRLF-type newlines. Git Credential Manager uses the .NET standard library `StreamReader` class to read the standard input stream line-by-line and parse the `key=value` credential protocol format. The implementation of the `ReadLineAsync` method considers LF, CRLF, and CR as valid line endings. This is means that .NET considers a single CR as a valid newline character, whereas Git does not. This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL. When a user clones or otherwise interacts with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the `--recursive` clone option as the user is not able to inspect the submodule remote URLs beforehand. This issue has been patched in version 2.6.1 and all users are advised to upgrade. Users unable to upgrade should only interact with trusted remote repositories, and not clone with `--recursive` to allow inspection of any submodule URLs before cloning those submodules.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"references\":[{\"url\":\"https://git-scm.com/docs/git-credential#IOFMT\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-50338\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-14T18:35:22.661757Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-14T18:35:26.993Z\"}}], \"cna\": {\"title\": \"Carriage-return character in remote URL allows malicious repository to leak credentials in Git Credential Manager\", \"source\": {\"advisory\": \"GHSA-86c2-4x57-wc8g\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"git-ecosystem\", \"product\": \"git-credential-manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2.6.1\"}]}], \"references\": [{\"url\": \"https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g\", \"name\": \"https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://git-scm.com/docs/git-credential#IOFMT\", \"name\": \"https://git-scm.com/docs/git-credential#IOFMT\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926\", \"name\": \"https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141\", \"name\": \"https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b\", \"name\": \"https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1\", \"name\": \"https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311\", \"name\": \"https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0\", \"name\": \"https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git\u0027s documentation restricts the use of the NUL (`\\\\0`) character and newlines to form part of the keys or values. When Git reads from standard input, it considers both LF and CRLF as newline characters for the credential protocol by virtue of calling `strbuf_getline` that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\\\\n`), and errors if this is the case. This captures both LF and CRLF-type newlines. Git Credential Manager uses the .NET standard library `StreamReader` class to read the standard input stream line-by-line and parse the `key=value` credential protocol format. The implementation of the `ReadLineAsync` method considers LF, CRLF, and CR as valid line endings. This is means that .NET considers a single CR as a valid newline character, whereas Git does not. This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL. When a user clones or otherwise interacts with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the `--recursive` clone option as the user is not able to inspect the submodule remote URLs beforehand. This issue has been patched in version 2.6.1 and all users are advised to upgrade. Users unable to upgrade should only interact with trusted remote repositories, and not clone with `--recursive` to allow inspection of any submodule URLs before cloning those submodules.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-01-14T18:11:23.188Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-50338\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-14T18:35:33.115Z\", \"dateReserved\": \"2024-10-22T17:54:40.954Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-01-14T18:11:23.188Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2024-50338

Vulnerability from fkie_nvd

Published

2025-01-14 19:15

Modified

2025-01-14 19:15

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Summary

References

▼	URL	Tags
	security-advisories@github.com	https://git-scm.com/docs/git-credential#IOFMT
	security-advisories@github.com	https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926
	security-advisories@github.com	https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141
	security-advisories@github.com	https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b
	security-advisories@github.com	https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1
	security-advisories@github.com	https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g
	security-advisories@github.com	https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311
	security-advisories@github.com	https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git\u0027s documentation restricts the use of the NUL (`\\0`) character and newlines to form part of the keys or values. When Git reads from standard input, it considers both LF and CRLF as newline characters for the credential protocol by virtue of calling `strbuf_getline` that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\\n`), and errors if this is the case. This captures both LF and CRLF-type newlines. Git Credential Manager uses the .NET standard library `StreamReader` class to read the standard input stream line-by-line and parse the `key=value` credential protocol format. The implementation of the `ReadLineAsync` method considers LF, CRLF, and CR as valid line endings. This is means that .NET considers a single CR as a valid newline character, whereas Git does not. This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL. When a user clones or otherwise interacts with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the `--recursive` clone option as the user is not able to inspect the submodule remote URLs beforehand. This issue has been patched in version 2.6.1 and all users are advised to upgrade. Users unable to upgrade should only interact with trusted remote repositories, and not clone with `--recursive` to allow inspection of any submodule URLs before cloning those submodules."
    },
    {
      "lang": "es",
      "value": "Git Credential Manager (GCM) es un asistente seguro de credenciales de Git creado en .NET que se ejecuta en Windows, macOS y Linux. El protocolo de credenciales de Git se basa en texto sobre entrada/salida est\u00e1ndar y consta de una serie de l\u00edneas de pares clave-valor en el formato `clave=valor`. La documentaci\u00f3n de Git restringe el uso del car\u00e1cter NUL (`\\0`) y las nuevas l\u00edneas para formar parte de las claves o valores. Cuando Git lee desde la entrada est\u00e1ndar, considera tanto LF como CRLF como caracteres de nueva l\u00ednea para el protocolo de credenciales en virtud de la llamada a `strbuf_getline` que llama a `strbuf_getdelim_strip_crlf`. Git tambi\u00e9n valida que no haya una nueva l\u00ednea presente en el valor al verificar la presencia del car\u00e1cter de avance de l\u00ednea (LF, `\\n`) y genera errores si este es el caso. Esto captura las nuevas l\u00edneas de tipo LF y CRLF. Git Credential Manager utiliza la clase `StreamReader` Librer\u00eda est\u00e1ndar .NET para leer el flujo de entrada est\u00e1ndar l\u00ednea por l\u00ednea y analizar el formato del protocolo de credenciales `key=value`. La implementaci\u00f3n del m\u00e9todo `ReadLineAsync` considera LF, CRLF y CR como finales de l\u00ednea v\u00e1lidos. Esto significa que .NET considera un solo CR como un car\u00e1cter de nueva l\u00ednea v\u00e1lido, mientras que Git no lo hace. Esta falta de coincidencia en el tratamiento de las nuevas l\u00edneas entre Git y GCM significa que un atacante puede crear una URL remota maliciosa. Cuando un usuario clona o interact\u00faa de otro modo con un repositorio malicioso que requiere autenticaci\u00f3n, el atacante puede capturar las credenciales de otro repositorio remoto de Git. El ataque tambi\u00e9n se intensifica cuando se clona desde repositorios con subm\u00f3dulos cuando se usa la opci\u00f3n de clonaci\u00f3n `--recursive`, ya que el usuario no puede inspeccionar las URL remotas del subm\u00f3dulo de antemano. Este problema se ha corregido en la versi\u00f3n 2.6.1 y se recomienda a todos los usuarios que actualicen. Los usuarios que no puedan actualizar solo deben interactuar con repositorios remotos confiables y no clonar con `--recursive` para permitir la inspecci\u00f3n de cualquier URL de subm\u00f3dulo antes de clonar esos subm\u00f3dulos."
    }
  ],
  "id": "CVE-2024-50338",
  "lastModified": "2025-01-14T19:15:31.967",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-01-14T19:15:31.967",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://git-scm.com/docs/git-credential#IOFMT"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

ghsa-86c2-4x57-wc8g

Vulnerability from github

Published

2025-01-14 19:40

Modified

2025-01-14 21:59

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Summary

Git Credential Manager carriage-return character in remote URL allows malicious repository to leak credentials

Details

Description

The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format key=value. Git's documentation restricts the use of the NUL (\0) character and newlines to form part of the keys[^1] or values.

When Git reads from standard input, it considers both LF and CRLF[^2] as newline characters for the credential protocol by virtue of calling strbuf_getline that calls to strbuf_getdelim_strip_crlf. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, \n), and errors if this is the case. This captures both LF and CRLF-type newlines.

Git Credential Manager uses the .NET standard library StreamReader class to read the standard input stream line-by-line and parse the key=value credential protocol format. The implementation of the ReadLineAsync method considers LF, CRLF, and CR as valid line endings. This is means that .NET considers a single CR as a valid newline character, whereas Git does not.

This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL such as:

https://\rhost=targethost@badhost

..which will be interpreted by Git as:

protocol=https host=badhost username=\rhost=targethost

This will instead be parsed by GCM as if the following has been passed by Git:

protocol=https host=badhost username= host=targethost

This results in the host field being resolved to the targethost value. GCM will then return a credential for targethost to Git, which will then send this credential to the badhost host.

Impact

When a user clones or otherwise interacts[^3] with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the --recursive clone option as the user is not able to inspect the submodule remote URLs beforehand.

Patches

https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b

Workarounds

Only interacting with trusted remote repositories, and do not clone with --recursive to allow inspection of any submodule URLs before cloning those submodules.

Fixed versions

This issue is fixed as of version 2.6.1.

[^1]: The = character is also forbidden to form part of the key. [^2]: Carriage-return character (CR, \r), followed by a line-feed character. [^3]: Any remote operation such as fetch, ls-remote, etc.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.6.0"
      },
      "package": {
        "ecosystem": "NuGet",
        "name": "git-credential-manager"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-50338"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-436"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-01-14T19:40:54Z",
    "nvd_published_at": "2025-01-14T19:15:31Z",
    "severity": "HIGH"
  },
  "details": "### Description\nThe [Git credential protocol](https://git-scm.com/docs/git-credential#IOFMT) is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git\u0027s documentation restricts the use of the NUL (`\\0`) character and newlines to form part of the keys[^1] or values.\n\nWhen Git reads from standard input, it considers both LF and CRLF[^2] as newline characters for the credential protocol by virtue of [calling `strbuf_getline`](https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311) that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\\n`), and errors if this is the case. This captures both LF and CRLF-type newlines.\n\nGit Credential Manager uses the .NET standard library [`StreamReader`](https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0) class to [read the standard input stream line-by-line](https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141) and parse the `key=value` credential protocol format. The [implementation of the `ReadLineAsync` method](https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926) considers LF, CRLF, and CR as valid line endings. This is means that .NET considers a single CR as a valid newline character, whereas Git does not.\n\nThis mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL such as:\n\n```\nhttps://\\rhost=targethost@badhost\n```\n\n..which will be interpreted by Git as:\n\n```\nprotocol=https\nhost=badhost\nusername=\\rhost=targethost\n```\n\nThis will instead be parsed by GCM as if the following has been passed by Git:\n\n```\nprotocol=https\nhost=badhost\nusername=\nhost=targethost\n```\n\nThis results in the `host` field being resolved to the `targethost` value. GCM will then return a credential for `targethost` to Git, which will then send this credential to the `badhost` host.\n\n### Impact\nWhen a user clones or otherwise interacts[^3] with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the `--recursive` clone option as the user is not able to inspect the submodule remote URLs beforehand.\n\n### Patches\nhttps://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b\n\n### Workarounds\nOnly interacting with trusted remote repositories, and do not clone with `--recursive` to allow inspection of any submodule URLs before cloning those submodules.\n\n### Fixed versions\nThis issue is fixed as of [version 2.6.1](https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1).\n\n[^1]: The `=` character is also forbidden to form part of the key.\n[^2]: Carriage-return character (CR, `\\r`), followed by a line-feed character.\n[^3]: Any remote operation such as `fetch`, `ls-remote`, etc.",
  "id": "GHSA-86c2-4x57-wc8g",
  "modified": "2025-01-14T21:59:51Z",
  "published": "2025-01-14T19:40:54Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50338"
    },
    {
      "type": "WEB",
      "url": "https://git-scm.com/docs/git-credential#IOFMT"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/git-ecosystem/git-credential-manager"
    },
    {
      "type": "WEB",
      "url": "https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141"
    },
    {
      "type": "WEB",
      "url": "https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311"
    },
    {
      "type": "WEB",
      "url": "https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Git Credential Manager carriage-return character in remote URL allows malicious repository to leak credentials"
}

ncsc-2025-0011

Vulnerability from csaf_ncscnl

Published

2025-01-14 19:10

Modified

2025-01-14 19:10

Summary

Kwetsbaarheden verholpen in Microsoft Developer Tools

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Microsoft heeft kwetsbaarheden verholpen in Visual Studio en .NET.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om zich verhoogde rechten toe te kennen, toegang te krijgen tot gevoelige gegevens of om willekeurige code uit te voeren in de context van het slachtoffer. Voor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide bestand te openen en verwerken. ``` Visual Studio: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2024-50338 | 7.40 | Toegang tot gevoelige gegevens | | CVE-2025-21178 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-21405 | 7.30 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| .NET, .NET Framework, Visual Studio: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-21176 | 8.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| .NET: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-21171 | 8.10 | Uitvoeren van willekeurige code | | CVE-2025-21173 | 8.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| .NET and Visual Studio: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-21172 | 7.50 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| ```

Oplossingen

Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op: https://portal.msrc.microsoft.com/en-us/security-guidance

Kans

medium

Schade

high

CWE-126

Buffer Over-read

CWE-379

Creation of Temporary File in Directory with Insecure Permissions

CWE-190

Integer Overflow or Wraparound

CWE-125

Out-of-bounds Read

CWE-284

Improper Access Control

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-122

Heap-based Buffer Overflow

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Microsoft heeft kwetsbaarheden verholpen in Visual Studio en .NET.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om zich verhoogde rechten toe te kennen, toegang te krijgen tot gevoelige gegevens of om willekeurige code uit te voeren in de context van het slachtoffer.\n\nVoor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide bestand te openen en verwerken.\n\n```\nVisual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2024-50338 | 7.40 | Toegang tot gevoelige gegevens      | \n| CVE-2025-21178 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2025-21405 | 7.30 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\n.NET, .NET Framework, Visual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-21176 | 8.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\n.NET: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-21171 | 8.10 | Uitvoeren van willekeurige code     | \n| CVE-2025-21173 | 8.00 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\n.NET and Visual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-21172 | 7.50 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\n\n```",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Buffer Over-read",
        "title": "CWE-126"
      },
      {
        "category": "general",
        "text": "Creation of Temporary File in Directory with Insecure Permissions",
        "title": "CWE-379"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "title": "Kwetsbaarheden verholpen in Microsoft Developer Tools",
    "tracking": {
      "current_release_date": "2025-01-14T19:10:44.895101Z",
      "id": "NCSC-2025-0011",
      "initial_release_date": "2025-01-14T19:10:44.895101Z",
      "revision_history": [
        {
          "date": "2025-01-14T19:10:44.895101Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": ".net_8.0",
            "product": {
              "name": ".net_8.0",
              "product_id": "CSAFPID-1741483",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:.net_8.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": ".net_9.0",
            "product": {
              "name": ".net_9.0",
              "product_id": "CSAFPID-1741383",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:.net_9.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_.net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2",
            "product": {
              "name": "microsoft_.net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2",
              "product_id": "CSAFPID-1747222",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_.net_framework_3.5_and_4.7.2",
            "product": {
              "name": "microsoft_.net_framework_3.5_and_4.7.2",
              "product_id": "CSAFPID-1741478",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.7.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_.net_framework_3.5_and_4.8.1",
            "product": {
              "name": "microsoft_.net_framework_3.5_and_4.8.1",
              "product_id": "CSAFPID-1741469",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.8.1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_.net_framework_3.5_and_4.8",
            "product": {
              "name": "microsoft_.net_framework_3.5_and_4.8",
              "product_id": "CSAFPID-1741477",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.8:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_.net_framework_4.6.2",
            "product": {
              "name": "microsoft_.net_framework_4.6.2",
              "product_id": "CSAFPID-1741470",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_4.6.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_.net_framework_4.6.2_4.7_4.7.1_4.7.2",
            "product": {
              "name": "microsoft_.net_framework_4.6.2_4.7_4.7.1_4.7.2",
              "product_id": "CSAFPID-1741468",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_4.6.2_4.7_4.7.1_4.7.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_.net_framework_4.6_4.6.2",
            "product": {
              "name": "microsoft_.net_framework_4.6_4.6.2",
              "product_id": "CSAFPID-1741471",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_4.6_4.6.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_.net_framework_4.8",
            "product": {
              "name": "microsoft_.net_framework_4.8",
              "product_id": "CSAFPID-1741476",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_4.8:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_",
            "product": {
              "name": "microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_",
              "product_id": "CSAFPID-1717938",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_",
            "product": {
              "name": "microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_",
              "product_id": "CSAFPID-1717935",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_visual_studio_2022_version_17.10",
            "product": {
              "name": "microsoft_visual_studio_2022_version_17.10",
              "product_id": "CSAFPID-1741374",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.10:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_visual_studio_2022_version_17.12",
            "product": {
              "name": "microsoft_visual_studio_2022_version_17.12",
              "product_id": "CSAFPID-1749644",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.12:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_visual_studio_2022_version_17.6",
            "product": {
              "name": "microsoft_visual_studio_2022_version_17.6",
              "product_id": "CSAFPID-1741372",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.6:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_visual_studio_2022_version_17.8",
            "product": {
              "name": "microsoft_visual_studio_2022_version_17.8",
              "product_id": "CSAFPID-1741373",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.8:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-50338",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-50338",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50338.json"
        }
      ],
      "title": "CVE-2024-50338"
    },
    {
      "cve": "CVE-2025-21171",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1741383",
          "CSAFPID-1749644",
          "CSAFPID-1741372",
          "CSAFPID-1741373",
          "CSAFPID-1741374"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21171",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21171.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1741383",
            "CSAFPID-1749644",
            "CSAFPID-1741372",
            "CSAFPID-1741373",
            "CSAFPID-1741374"
          ]
        }
      ],
      "title": "CVE-2025-21171"
    },
    {
      "cve": "CVE-2025-21172",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1717938",
          "CSAFPID-1717935",
          "CSAFPID-1741372",
          "CSAFPID-1741373",
          "CSAFPID-1741374",
          "CSAFPID-1749644",
          "CSAFPID-1741483",
          "CSAFPID-1741383"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21172",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21172.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1717938",
            "CSAFPID-1717935",
            "CSAFPID-1741372",
            "CSAFPID-1741373",
            "CSAFPID-1741374",
            "CSAFPID-1749644",
            "CSAFPID-1741483",
            "CSAFPID-1741383"
          ]
        }
      ],
      "title": "CVE-2025-21172"
    },
    {
      "cve": "CVE-2025-21173",
      "cwe": {
        "id": "CWE-379",
        "name": "Creation of Temporary File in Directory with Insecure Permissions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Creation of Temporary File in Directory with Insecure Permissions",
          "title": "CWE-379"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1741483",
          "CSAFPID-1741383",
          "CSAFPID-1749644",
          "CSAFPID-1741372",
          "CSAFPID-1741373",
          "CSAFPID-1741374"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21173",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21173.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1741483",
            "CSAFPID-1741383",
            "CSAFPID-1749644",
            "CSAFPID-1741372",
            "CSAFPID-1741373",
            "CSAFPID-1741374"
          ]
        }
      ],
      "title": "CVE-2025-21173"
    },
    {
      "cve": "CVE-2025-21176",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1717938",
          "CSAFPID-1717935",
          "CSAFPID-1741372",
          "CSAFPID-1741373",
          "CSAFPID-1741374",
          "CSAFPID-1749644",
          "CSAFPID-1741483",
          "CSAFPID-1741383",
          "CSAFPID-1741469",
          "CSAFPID-1741476",
          "CSAFPID-1741477",
          "CSAFPID-1741478",
          "CSAFPID-1747222",
          "CSAFPID-1741468",
          "CSAFPID-1741470",
          "CSAFPID-1741471"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21176",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21176.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1717938",
            "CSAFPID-1717935",
            "CSAFPID-1741372",
            "CSAFPID-1741373",
            "CSAFPID-1741374",
            "CSAFPID-1749644",
            "CSAFPID-1741483",
            "CSAFPID-1741383",
            "CSAFPID-1741469",
            "CSAFPID-1741476",
            "CSAFPID-1741477",
            "CSAFPID-1741478",
            "CSAFPID-1747222",
            "CSAFPID-1741468",
            "CSAFPID-1741470",
            "CSAFPID-1741471"
          ]
        }
      ],
      "title": "CVE-2025-21176"
    },
    {
      "cve": "CVE-2025-21178",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1717938",
          "CSAFPID-1717935",
          "CSAFPID-1741372",
          "CSAFPID-1741373",
          "CSAFPID-1741374",
          "CSAFPID-1749644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21178",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21178.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1717938",
            "CSAFPID-1717935",
            "CSAFPID-1741372",
            "CSAFPID-1741373",
            "CSAFPID-1741374",
            "CSAFPID-1749644"
          ]
        }
      ],
      "title": "CVE-2025-21178"
    },
    {
      "cve": "CVE-2025-21405",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1749644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21405",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21405.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1749644"
          ]
        }
      ],
      "title": "CVE-2025-21405"
    }
  ]
}

wid-sec-w-2025-0093

Vulnerability from csaf_certbund

Published

2025-01-14 23:00

Modified

2025-01-19 23:00

Summary

Microsoft Developer Tools: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Microsoft Visual Studio ist eine integrierte Entwicklungsumgebung für Hochsprachen. Microsoft .NET Framework ist eine Komponente des Microsoft Windows-Betriebssystems, das die Erstellung und Ausführung von Softwareanwendungen und Webdiensten ermöglicht. Es beinhaltet sowohl eine Laufzeitumgebung als auch ein Framework von Klassenbibliotheken (APIs), u. a. für die Programmiersprache ASP (ASP.NET), den Datenzugriff (ADO.NET), intelligente Clientanwendungen (Windows Forms) und weitere. Windows ist ein Betriebssystem von Microsoft. Windows Server 2016 ist ein Betriebssystem von Microsoft. Windows Server 2019 ist ein Betriebssystem von Microsoft.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen und vertrauliche Informationen preiszugeben.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Microsoft Visual Studio ist eine integrierte Entwicklungsumgebung f\u00fcr Hochsprachen.\r\nMicrosoft .NET Framework ist eine Komponente des Microsoft Windows-Betriebssystems, das die Erstellung und Ausf\u00fchrung von Softwareanwendungen und Webdiensten erm\u00f6glicht. Es beinhaltet sowohl eine Laufzeitumgebung als auch ein Framework von Klassenbibliotheken (APIs), u. a. f\u00fcr die Programmiersprache ASP (ASP.NET), den Datenzugriff (ADO.NET), intelligente Clientanwendungen (Windows Forms) und weitere.\r\nWindows ist ein Betriebssystem von Microsoft.\r\nWindows Server 2016 ist ein Betriebssystem von Microsoft.\r\nWindows Server 2019 ist ein Betriebssystem von Microsoft.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren und vertrauliche Informationen preiszugeben.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0093 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0093.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0093 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0093"
      },
      {
        "category": "external",
        "summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
        "url": "https://msrc.microsoft.com/update-guide/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7210-1 vom 2025-01-16",
        "url": "https://ubuntu.com/security/notices/USN-7210-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0381 vom 2025-01-16",
        "url": "https://access.redhat.com/errata/RHSA-2025:0381"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0382 vom 2025-01-16",
        "url": "https://access.redhat.com/errata/RHSA-2025:0382"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-0382 vom 2025-01-17",
        "url": "https://linux.oracle.com/errata/ELSA-2025-0382.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-0381 vom 2025-01-17",
        "url": "https://linux.oracle.com/errata/ELSA-2025-0381.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Microsoft Developer Tools: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-19T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-20T09:18:22.239+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0093",
      "initial_release_date": "2025-01-14T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-01-14T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-01-16T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
        },
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "4.8 on Windows Server 2008 R2 SP1",
                "product": {
                  "name": "Microsoft .NET Framework 4.8 on Windows Server 2008 R2 SP1",
                  "product_id": "T040228",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:4.8_on_windows_server_2008_r2_sp1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.8 on Windows 10 Version 1607",
                "product": {
                  "name": "Microsoft .NET Framework 4.8 on Windows 10 Version 1607",
                  "product_id": "T040232",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:4.8_on_windows_10_version_1607"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.8 on Windows 10 Version 1809",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809",
                  "product_id": "T040233",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.8_on_windows_10_version_1809"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.8 on Windows 10 Version 21H2",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2",
                  "product_id": "T040236",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.8_on_windows_10_version_21h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.8 on Windows 10 Version 22H2",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2",
                  "product_id": "T040237",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.8_on_windows_10_version_22h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.7.2 on Windows 10 Version 1809",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809",
                  "product_id": "T040239",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.7.2_on_windows_10_version_1809"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607",
                  "product_id": "T040241",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.6.24.74.7.14.7.2_on_windows_10_version_1607"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 SP1",
                "product": {
                  "name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 SP1",
                  "product_id": "T040242",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:4.6.24.74.7.14.7.2_on_windows_server_2008_r2_sp1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.8.1 on Windows 10 Version 21H2",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2",
                  "product_id": "T040250",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.8.1_on_windows_10_version_21h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.8.1 on Windows 11 Version 22H2",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2",
                  "product_id": "T040251",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.8.1_on_windows_11_version_22h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.8.1 on Windows 10 Version 22H2",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2",
                  "product_id": "T040254",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.8.1_on_windows_10_version_22h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.8.1 on Windows 11 Version 23H2",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2",
                  "product_id": "T040255",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.8.1_on_windows_11_version_23h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.5 AND 4.8.1 on Windows 11 Version 24H2",
                "product": {
                  "name": "Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2",
                  "product_id": "T040257",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:3.5_and_4.8.1_on_windows_11_version_24h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.6.2 on Windows Server 2008 SP2",
                "product": {
                  "name": "Microsoft .NET Framework 4.6.2 on Windows Server 2008 SP2",
                  "product_id": "T040258",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:4.6.2_on_windows_server_2008_sp2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.6/4.6.2 on Windows 10",
                "product": {
                  "name": "Microsoft .NET Framework 4.6/4.6.2 on Windows 10",
                  "product_id": "T040259",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:.net_framework:4.64.6.2_on_windows_10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": ".NET Framework"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "version 15.9 (includes 15.0-15.8)",
                "product": {
                  "name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0-15.8)",
                  "product_id": "T040227"
                }
              }
            ],
            "category": "product_name",
            "name": "Visual Studio 2017"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "version 16.11 (includes 16.0-16.10)",
                "product": {
                  "name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0-16.10)",
                  "product_id": "T040249"
                }
              }
            ],
            "category": "product_name",
            "name": "Visual Studio 2019"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "version 17.6",
                "product": {
                  "name": "Microsoft Visual Studio 2022 version 17.6",
                  "product_id": "T040260"
                }
              },
              {
                "category": "product_version_range",
                "name": "version 17.8",
                "product": {
                  "name": "Microsoft Visual Studio 2022 version 17.8",
                  "product_id": "T040261"
                }
              },
              {
                "category": "product_version_range",
                "name": "version 17.10",
                "product": {
                  "name": "Microsoft Visual Studio 2022 version 17.10",
                  "product_id": "T040264"
                }
              },
              {
                "category": "product_version_range",
                "name": "version 17.12",
                "product": {
                  "name": "Microsoft Visual Studio 2022 version 17.12",
                  "product_id": "T040267"
                }
              }
            ],
            "category": "product_name",
            "name": "Visual Studio 2022"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": ".NET 8.0 installed on Windows",
                "product": {
                  "name": "Microsoft Windows .NET 8.0 installed on Windows",
                  "product_id": "T040265"
                }
              },
              {
                "category": "product_version_range",
                "name": ".NET 9.0 installed on Windows",
                "product": {
                  "name": "Microsoft Windows .NET 9.0 installed on Windows",
                  "product_id": "T040266"
                }
              }
            ],
            "category": "product_name",
            "name": "Windows"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": ".NET Framework 4.8 on Windows Server 2012",
                "product": {
                  "name": "Microsoft Windows Server 2012 .NET Framework 4.8 on Windows Server 2012",
                  "product_id": "T040229",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2012:.net_framework_4.8_on_windows_server_2012"
                  }
                }
              },
              {
                "category": "product_version",
                "name": ".NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012",
                "product": {
                  "name": "Microsoft Windows Server 2012 .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012",
                  "product_id": "T040243",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2012:.net_framework_4.6.24.74.7.14.7.2_on_windows_server_2012"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2012"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": ".NET Framework 4.8 on Windows Server 2012 R2",
                "product": {
                  "name": "Microsoft Windows Server 2012 R2 .NET Framework 4.8 on Windows Server 2012 R2",
                  "product_id": "T040230",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2012_r2:.net_framework_4.8_on_windows_server_2012_r2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": ".NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2",
                "product": {
                  "name": "Microsoft Windows Server 2012 R2 .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2",
                  "product_id": "T040244",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2012_r2:.net_framework_4.6.24.74.7.14.7.2_on_windows_server_2012_r2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2012 R2"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": ".NET Framework 4.8 on Windows Server 2016",
                "product": {
                  "name": "Microsoft Windows Server 2016 .NET Framework 4.8 on Windows Server 2016",
                  "product_id": "T040231",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2016:.net_framework_4.8_on_windows_server_2016"
                  }
                }
              },
              {
                "category": "product_version",
                "name": ".NET Framework 3.5 AND 4.7.2 on Windows Server 2016",
                "product": {
                  "name": "Microsoft Windows Server 2016 .NET Framework 3.5 AND 4.7.2 on Windows Server 2016",
                  "product_id": "T040238",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2016:.net_framework_3.5_and_4.7.2_on_windows_server_2016"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2016"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": ".NET Framework 3.5 AND 4.8 on Windows Server 2019",
                "product": {
                  "name": "Microsoft Windows Server 2019 .NET Framework 3.5 AND 4.8 on Windows Server 2019",
                  "product_id": "T040234",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2019:.net_framework_3.5_and_4.8_on_windows_server_2019"
                  }
                }
              },
              {
                "category": "product_version",
                "name": ".NET Framework 3.5 AND 4.7.2 on Windows Server 2019",
                "product": {
                  "name": "Microsoft Windows Server 2019 .NET Framework 3.5 AND 4.7.2 on Windows Server 2019",
                  "product_id": "T040240",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2019:.net_framework_3.5_and_4.7.2_on_windows_server_2019"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2019"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": ".NET Framework 3.5 AND 4.8 on Windows Server 2022",
                "product": {
                  "name": "Microsoft Windows Server 2022 .NET Framework 3.5 AND 4.8 on Windows Server 2022",
                  "product_id": "T040235",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2022:.net_framework_3.5_and_4.8_on_windows_server_2022"
                  }
                }
              },
              {
                "category": "product_version",
                "name": ".NET Framework 3.5 AND 4.8.1 on Windows Server 2022",
                "product": {
                  "name": "Microsoft Windows Server 2022 .NET Framework 3.5 AND 4.8.1 on Windows Server 2022",
                  "product_id": "T040248",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2022:.net_framework_3.5_and_4.8.1_on_windows_server_2022"
                  }
                }
              },
              {
                "category": "product_version",
                "name": ".NET Framework 3.5 AND 4.8.1 on 23H2 Edition",
                "product": {
                  "name": "Microsoft Windows Server 2022 .NET Framework 3.5 AND 4.8.1 on 23H2 Edition",
                  "product_id": "T040256",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2022:.net_framework_3.5_and_4.8.1_on_23h2_edition"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2022"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-50338",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte - einschlie\u00dflich Administratorrechte - zu erlangen, um beliebigen Code auszuf\u00fchren und vertrauliche Informationen offenzulegen. Viele der Schwachstellen erfordern irgendeine Form der Benutzerinteraktion, um erfolgreich ausgenutzt zu werden, z. B. muss das Opfer Dateien kopieren, einen Befehl ausf\u00fchren oder eine b\u00f6swillig gestaltete Package-Datei in Visual Studio \u00f6ffnen. Einige der Schwachstellen erfordern besondere Bedingungen, um ausgenutzt werden zu k\u00f6nnen, z. B. muss der Angreifer spezifische Informationen \u00fcber die Umgebung der anvisierten Komponente sammeln oder besonderen Zugang zu vorinstallierten sch\u00e4dlichen Dateien haben."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T040229",
          "T040228",
          "T004914",
          "T040230",
          "T040251",
          "T040250",
          "T040238",
          "T040237",
          "T040259",
          "T040236",
          "T040258",
          "T040235",
          "T040257",
          "T040234",
          "T040256",
          "T040233",
          "T040255",
          "T040232",
          "T040254",
          "T040231",
          "T040239",
          "T040241",
          "T040240",
          "T040261",
          "T040260",
          "T000126",
          "T040227",
          "T040249",
          "T040248",
          "T040267",
          "T040244",
          "T040266",
          "T040243",
          "T040265",
          "T040242",
          "T040264"
        ]
      },
      "release_date": "2025-01-14T23:00:00.000+00:00",
      "title": "CVE-2024-50338"
    },
    {
      "cve": "CVE-2025-21171",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte - einschlie\u00dflich Administratorrechte - zu erlangen, um beliebigen Code auszuf\u00fchren und vertrauliche Informationen offenzulegen. Viele der Schwachstellen erfordern irgendeine Form der Benutzerinteraktion, um erfolgreich ausgenutzt zu werden, z. B. muss das Opfer Dateien kopieren, einen Befehl ausf\u00fchren oder eine b\u00f6swillig gestaltete Package-Datei in Visual Studio \u00f6ffnen. Einige der Schwachstellen erfordern besondere Bedingungen, um ausgenutzt werden zu k\u00f6nnen, z. B. muss der Angreifer spezifische Informationen \u00fcber die Umgebung der anvisierten Komponente sammeln oder besonderen Zugang zu vorinstallierten sch\u00e4dlichen Dateien haben."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T040229",
          "T040228",
          "T004914",
          "T040230",
          "T040251",
          "T040250",
          "T040238",
          "T040237",
          "T040259",
          "T040236",
          "T040258",
          "T040235",
          "T040257",
          "T040234",
          "T040256",
          "T040233",
          "T040255",
          "T040232",
          "T040254",
          "T040231",
          "T040239",
          "T040241",
          "T040240",
          "T040261",
          "T040260",
          "T000126",
          "T040227",
          "T040249",
          "T040248",
          "T040267",
          "T040244",
          "T040266",
          "T040243",
          "T040265",
          "T040242",
          "T040264"
        ]
      },
      "release_date": "2025-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-21171"
    },
    {
      "cve": "CVE-2025-21172",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte - einschlie\u00dflich Administratorrechte - zu erlangen, um beliebigen Code auszuf\u00fchren und vertrauliche Informationen offenzulegen. Viele der Schwachstellen erfordern irgendeine Form der Benutzerinteraktion, um erfolgreich ausgenutzt zu werden, z. B. muss das Opfer Dateien kopieren, einen Befehl ausf\u00fchren oder eine b\u00f6swillig gestaltete Package-Datei in Visual Studio \u00f6ffnen. Einige der Schwachstellen erfordern besondere Bedingungen, um ausgenutzt werden zu k\u00f6nnen, z. B. muss der Angreifer spezifische Informationen \u00fcber die Umgebung der anvisierten Komponente sammeln oder besonderen Zugang zu vorinstallierten sch\u00e4dlichen Dateien haben."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T040229",
          "T040228",
          "T004914",
          "T040230",
          "T040251",
          "T040250",
          "T040238",
          "T040237",
          "T040259",
          "T040236",
          "T040258",
          "T040235",
          "T040257",
          "T040234",
          "T040256",
          "T040233",
          "T040255",
          "T040232",
          "T040254",
          "T040231",
          "T040239",
          "T040241",
          "T040240",
          "T040261",
          "T040260",
          "T000126",
          "T040227",
          "T040249",
          "T040248",
          "T040267",
          "T040244",
          "T040266",
          "T040243",
          "T040265",
          "T040242",
          "T040264"
        ]
      },
      "release_date": "2025-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-21172"
    },
    {
      "cve": "CVE-2025-21173",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte - einschlie\u00dflich Administratorrechte - zu erlangen, um beliebigen Code auszuf\u00fchren und vertrauliche Informationen offenzulegen. Viele der Schwachstellen erfordern irgendeine Form der Benutzerinteraktion, um erfolgreich ausgenutzt zu werden, z. B. muss das Opfer Dateien kopieren, einen Befehl ausf\u00fchren oder eine b\u00f6swillig gestaltete Package-Datei in Visual Studio \u00f6ffnen. Einige der Schwachstellen erfordern besondere Bedingungen, um ausgenutzt werden zu k\u00f6nnen, z. B. muss der Angreifer spezifische Informationen \u00fcber die Umgebung der anvisierten Komponente sammeln oder besonderen Zugang zu vorinstallierten sch\u00e4dlichen Dateien haben."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T040229",
          "T040228",
          "T004914",
          "T040230",
          "T040251",
          "T040250",
          "T040238",
          "T040237",
          "T040259",
          "T040236",
          "T040258",
          "T040235",
          "T040257",
          "T040234",
          "T040256",
          "T040233",
          "T040255",
          "T040232",
          "T040254",
          "T040231",
          "T040239",
          "T040241",
          "T040240",
          "T040261",
          "T040260",
          "T000126",
          "T040227",
          "T040249",
          "T040248",
          "T040267",
          "T040244",
          "T040266",
          "T040243",
          "T040265",
          "T040242",
          "T040264"
        ]
      },
      "release_date": "2025-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-21173"
    },
    {
      "cve": "CVE-2025-21176",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte - einschlie\u00dflich Administratorrechte - zu erlangen, um beliebigen Code auszuf\u00fchren und vertrauliche Informationen offenzulegen. Viele der Schwachstellen erfordern irgendeine Form der Benutzerinteraktion, um erfolgreich ausgenutzt zu werden, z. B. muss das Opfer Dateien kopieren, einen Befehl ausf\u00fchren oder eine b\u00f6swillig gestaltete Package-Datei in Visual Studio \u00f6ffnen. Einige der Schwachstellen erfordern besondere Bedingungen, um ausgenutzt werden zu k\u00f6nnen, z. B. muss der Angreifer spezifische Informationen \u00fcber die Umgebung der anvisierten Komponente sammeln oder besonderen Zugang zu vorinstallierten sch\u00e4dlichen Dateien haben."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T040229",
          "T040228",
          "T004914",
          "T040230",
          "T040251",
          "T040250",
          "T040238",
          "T040237",
          "T040259",
          "T040236",
          "T040258",
          "T040235",
          "T040257",
          "T040234",
          "T040256",
          "T040233",
          "T040255",
          "T040232",
          "T040254",
          "T040231",
          "T040239",
          "T040241",
          "T040240",
          "T040261",
          "T040260",
          "T000126",
          "T040227",
          "T040249",
          "T040248",
          "T040267",
          "T040244",
          "T040266",
          "T040243",
          "T040265",
          "T040242",
          "T040264"
        ]
      },
      "release_date": "2025-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-21176"
    },
    {
      "cve": "CVE-2025-21178",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte - einschlie\u00dflich Administratorrechte - zu erlangen, um beliebigen Code auszuf\u00fchren und vertrauliche Informationen offenzulegen. Viele der Schwachstellen erfordern irgendeine Form der Benutzerinteraktion, um erfolgreich ausgenutzt zu werden, z. B. muss das Opfer Dateien kopieren, einen Befehl ausf\u00fchren oder eine b\u00f6swillig gestaltete Package-Datei in Visual Studio \u00f6ffnen. Einige der Schwachstellen erfordern besondere Bedingungen, um ausgenutzt werden zu k\u00f6nnen, z. B. muss der Angreifer spezifische Informationen \u00fcber die Umgebung der anvisierten Komponente sammeln oder besonderen Zugang zu vorinstallierten sch\u00e4dlichen Dateien haben."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T040229",
          "T040228",
          "T004914",
          "T040230",
          "T040251",
          "T040250",
          "T040238",
          "T040237",
          "T040259",
          "T040236",
          "T040258",
          "T040235",
          "T040257",
          "T040234",
          "T040256",
          "T040233",
          "T040255",
          "T040232",
          "T040254",
          "T040231",
          "T040239",
          "T040241",
          "T040240",
          "T040261",
          "T040260",
          "T000126",
          "T040227",
          "T040249",
          "T040248",
          "T040267",
          "T040244",
          "T040266",
          "T040243",
          "T040265",
          "T040242",
          "T040264"
        ]
      },
      "release_date": "2025-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-21178"
    },
    {
      "cve": "CVE-2025-21405",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows. Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Rechte - einschlie\u00dflich Administratorrechte - zu erlangen, um beliebigen Code auszuf\u00fchren und vertrauliche Informationen offenzulegen. Viele der Schwachstellen erfordern irgendeine Form der Benutzerinteraktion, um erfolgreich ausgenutzt zu werden, z. B. muss das Opfer Dateien kopieren, einen Befehl ausf\u00fchren oder eine b\u00f6swillig gestaltete Package-Datei in Visual Studio \u00f6ffnen. Einige der Schwachstellen erfordern besondere Bedingungen, um ausgenutzt werden zu k\u00f6nnen, z. B. muss der Angreifer spezifische Informationen \u00fcber die Umgebung der anvisierten Komponente sammeln oder besonderen Zugang zu vorinstallierten sch\u00e4dlichen Dateien haben."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T040229",
          "T040228",
          "T004914",
          "T040230",
          "T040251",
          "T040250",
          "T040238",
          "T040237",
          "T040259",
          "T040236",
          "T040258",
          "T040235",
          "T040257",
          "T040234",
          "T040256",
          "T040233",
          "T040255",
          "T040232",
          "T040254",
          "T040231",
          "T040239",
          "T040241",
          "T040240",
          "T040261",
          "T040260",
          "T000126",
          "T040227",
          "T040249",
          "T040248",
          "T040267",
          "T040244",
          "T040266",
          "T040243",
          "T040265",
          "T040242",
          "T040264"
        ]
      },
      "release_date": "2025-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-21405"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2024-50338

Vulnerability from cvelistv5

fkie_cve-2024-50338

Vulnerability from fkie_nvd

ghsa-86c2-4x57-wc8g

Vulnerability from github

Description

Impact

Patches

Workarounds

Fixed versions

ncsc-2025-0011

Vulnerability from csaf_ncscnl

wid-sec-w-2025-0093

Vulnerability from csaf_certbund

Tags

Sightings

Nomenclature