5.5

CVE-2022-30184

.NET and Visual Studio Information Disclosure Vulnerability

.NET and Visual Studio Information Disclosure Vulnerability
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftVisual Studio 2022 Version >= 17.0 < 17.0.4
   ApplemacOS Version-
Microsoft.Net Version6.0.0 Update-
Microsoft.Net Core Version3.1 Update-
MicrosoftNuget Version < 6.2.1
MicrosoftVisual Studio 2019 Version >= 16.0 < 16.9.22
MicrosoftVisual Studio 2019 Version >= 16.10 < 16.11.6
MicrosoftVisual Studio 2019 Version8.10 SwPlatformmacos
MicrosoftVisual Studio 2022 Version >= 17.0 < 17.0.11
MicrosoftVisual Studio 2022 Version >= 17.2 < 17.2.5
FedoraprojectFedora Version35
FedoraprojectFedora Version36
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.33% 0.916
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
secure@microsoft.com 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30184
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184
Patch
Vendor Advisory