.NET and Visual Studio Remote Code Execution Vulnerability
Loading...
Loading...
This high-severity CVE scores 8.1 under NVD CVSS v3. EPSS exploit probability: 1.0%, top 23% of all CVEs by exploit prediction. GitHub Security Advisory data not yet ingested — confidence will rise once GHSA publishes (typical lag: hours to days for open-source ecosystem CVEs; never for infrastructure-only CVEs).
.NET and Visual Studio Remote Code Execution Vulnerability
October 8, 2024
May 6, 2025
| Package | Vulnerable range | Fixed in | Dependents |
|---|---|---|---|
| Microsoft.AspNetCore.App.Runtime.linux-arm | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.linux-arm64 | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.linux-musl-arm | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.linux-musl-x64 | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.linux-x64 | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.osx-arm64 | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.osx-x64 | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.win-arm | — | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.win-arm64 | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.win-x64 | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
| Microsoft.AspNetCore.App.Runtime.win-x86 | 8.0.0 ... 8.0.8 (9 versions) | 8.0.10 | — |
Every vendor that published an advisory referencing this CVE — pulled from our cve_vendor_advisories aggregation. Click any row for the vendor's original advisory page.
See which npm, PyPI, Go, and Maven packages are affected by CVE-2024-38229
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.