← Back

CVE-2023-21567

nvd nist
Published: Feb 14, 2023Modified: Nov 21, 2024

JSON object

Loading...
5.6
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H
Exploitability: 1.3 / Impact: 4.2
Source: secure@microsoft.com (Secondary)

Description

Visual Studio Denial of Service Vulnerability

Affected (5)

Microsoft
3 products
Visual Studio 2017
Visual Studio 2019
Visual Studio 2022
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Visual Studio 2017
From 15.0 to 15.9.52
Visual Studio 2019
From 16.0 to 16.11.24
Microsoft
Visual Studio 2022
From 17.0 to 17.0.19
Visual Studio 2022
From 17.2 to 17.2.13
Visual Studio 2022
From 17.4 to 17.4.5

Related CWEs

CWE-59
Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (2)

Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.