CVE-2023-36049
- Source
- https://cve.org/CVERecord?id=CVE-2023-36049
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-36049.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-36049
- Aliases
- Downstream
- Related
- Published
- 2023-11-14T21:15:10.083Z
- Modified
- 2026-05-18T05:56:40.431856823Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
- Database specific
{ "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "8.0.0-rc1" }, { "last_affected": "8.0.0-rc2" } ], "source": "CPE_FIELD", "vendor_product": "microsoft:.net", "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net:8.0.0:rc2:*:*:*:*:*:*" ] }, { "extracted_events": [ { "last_affected": "2.0-sp2" }, { "last_affected": "3.0-sp2" }, { "last_affected": "3.5-NA" }, { "last_affected": "3.5-NA" }, { "last_affected": "4.6.2" }, { "last_affected": "4.7" }, { "last_affected": "4.7.1" }, { "last_affected": "4.7.2" }, { "last_affected": "3.5-NA" }, { "last_affected": "4.7.2" }, { "last_affected": "3.5-NA" }, { "last_affected": "4.8" }, { "last_affected": "3.5-NA" }, { "last_affected": "4.8.1" }, { "last_affected": "3.5.1" }, { "last_affected": "4.6.2" }, { "last_affected": "4.6.2" }, { "last_affected": "4.7" }, { "last_affected": "4.7.1" }, { "last_affected": "4.7.2" }, { "last_affected": "4.8" } ], "source": "CPE_FIELD", "vendor_product": "microsoft:.net_framework", "cpes": [ "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*" ] }, { "extracted_events": [ { "introduced": "17.2" }, { "fixed": "17.2.22" }, { "introduced": "17.4" }, { "fixed": "17.4.14" }, { "introduced": "17.6" }, { "fixed": "17.6.10" }, { "introduced": "17.7" }, { "fixed": "17.7.7" } ], "source": "CPE_FIELD", "vendor_product": "microsoft:visual_studio_2022", "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*" ] } ] }- References
Affected packages
Git / github.com/dotnet/core
Affected versions
v3.*
v3.1.31
v3.1.32
v6.*
v6.0.11
v6.0.12
v6.0.13
v6.0.14
v6.0.15
v6.0.16
v6.0.18
v6.0.19
v6.0.20
v6.0.21
v6.0.22
v6.0.23
v6.0.24
v7.*
v7.0.0
v7.0.1
v7.0.10
v7.0.11
v7.0.12
v7.0.13
v7.0.2
v7.0.3
v7.0.4
v7.0.5
v7.0.7
v7.0.8
v7.0.9
v8.*
v8.0.0-preview.1
v8.0.0-preview.2
v8.0.0-preview.3
v8.0.0-preview.4
v8.0.0-preview.5
v8.0.0-preview.6
v8.0.0-preview.7
v8.0.0-rc.1
v8.0.0-rc.2