CVE-2024-21319

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-21319
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-21319.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-21319
Aliases
Downstream
Related
Published
2024-01-09T19:15:12.070Z
Modified
2026-05-18T05:55:36.752133467Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Microsoft Identity Denial of service vulnerability

Database specific 
{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "17.2.0"
                },
                {
                    "fixed": "17.2.23"
                },
                {
                    "introduced": "17.4.0"
                },
                {
                    "fixed": "17.4.15"
                },
                {
                    "introduced": "17.6.0"
                },
                {
                    "fixed": "17.6.11"
                },
                {
                    "introduced": "17.8.0"
                },
                {
                    "fixed": "17.8.4"
                }
            ],
            "source": "CPE_FIELD",
            "vendor_product": "microsoft:visual_studio_2022"
        }
    ]
}
References

Affected packages

Git
github.com/azuread/azure-activedirectory-identitymodel-extensions-for-dotnet

Affected ranges

Type
GIT
Repo
https://github.com/azuread/azure-activedirectory-identitymodel-extensions-for-dotnet
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
4a329087c3caa42177be407058bbbd373174a458
Fixed
edcac4427888840847c65695e4e5a80516664869
Introduced
bf4cb251a85f1b27bbb208c703f6f3105bdb24ca
Fixed
a607fa5e0005a6178cf1d2fed4fa0f8179cdb186
Database specific 
{
    "extracted_events": [
        {
            "introduced": "5.0.0"
        },
        {
            "fixed": "5.7.0"
        },
        {
            "introduced": "6.0.0"
        },
        {
            "fixed": "6.34.0"
        },
        {
            "introduced": "7.0.0"
        },
        {
            "fixed": "7.1.2"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:microsoft:identity_model:*:*:*:*:*:.net:*:*"
}

Affected versions

5.*
5.3.0
5.4.0
6.*
6.10.1
6.11.0
6.11.1
6.12.0
6.12.1
6.12.2
6.13.0
6.13.1
6.14.1
6.15.1
6.16.0
6.17.0
6.18.0
6.19.0
6.20.0
6.22.1
6.23.0
6.23.1
6.24.0
6.25.0
6.25.1
6.26.0
6.27.0
6.28.0
6.28.1
6.29.0
6.30.0
6.30.1
6.31.0
6.32.1
6.32.2
6.32.3
6.5.0
6.5.1
6.6.0
6.7.0
6.7.1
6.9.0
v6.*
v6.32.0
v6.33.0
v6.5.0

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-21319.json"
github.com/dotnet/core

Affected ranges

Type
GIT
Repo
https://github.com/dotnet/core
Events
Introduced
ee849590a02cc5cd61eff18aa64bf985ec45124d
Fixed
73deb1784e9f579ce38c044f8cad095c5d4e4f93
Introduced
63772e2191a750dd3cafa75914cacdb038c7520c
Fixed
73deb1784e9f579ce38c044f8cad095c5d4e4f93
Introduced
d78b3180414d35d6c7d136db753474e2ae2b33df
Fixed
73deb1784e9f579ce38c044f8cad095c5d4e4f93
Database specific 
{
    "extracted_events": [
        {
            "introduced": "6.0.0"
        },
        {
            "fixed": "6.0.26"
        },
        {
            "introduced": "7.0.0"
        },
        {
            "fixed": "7.0.15"
        },
        {
            "introduced": "8.0.0"
        },
        {
            "fixed": "8.0.1"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*"
}

Affected versions

v6.*
v6.0.25
v7.*
v7.0.14
v8.*
v8.0.0

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-21319.json"