Lucene search
Veracode Vulnerability DatabaseVERACODE:35816HistoryJun 02, 2022 - 8:55 p.m.
Denial Of Service (DoS)
2022-06-0220:55:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
25
.net
visual studio
vulnerability
denial of service
flaw
dotnet
mycookie
chunks
large allocations
exceptions
cpu utilization
server
EPSS
0.002
Percentile
55.0%
.NET and Visual Studio are vulnerable to denial of service. The vulnerability exists due to a flaw in dotnet allowing an attacker to crash the system by sending MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that many chunks.
Related
cvelist
cvelist
CVE-2022-29117 .NET and Visual Studio Denial of Service Vulnerability
2022-05-10 20:34:23
osv
osv
CVE-2022-29117
2022-05-10 21:15:11
BIT-dotnet-sdk-2022-29117
2024-03-06 10:58:18
BIT-dotnet-2022-29117
2024-03-06 10:58:11
redhatcve
redhatcve
CVE-2022-29117
2022-05-10 17:27:51
nvd
nvd
CVE-2022-29117
2022-05-10 21:15:11
github
github
.NET Denial of Service Vulnerability
2022-08-30 19:32:29
prion
prion
Denial of service
2022-05-10 21:15:00
mscve
mscve
.NET and Visual Studio Denial of Service Vulnerability
2022-05-10 08:00:00
cve
cve
CVE-2022-29117
2022-05-10 21:15:11
ibm
ibm
Security Bulletin: IBM Robotic Process Automation may be vulnerable to denial of service due to microsoft.owin.security.cookies (CVE-2022-29117)
2022-10-06 04:10:57
nessus
nessus
Oracle Linux 8 : .NET / 6.0 (ELSA-2022-2199)
2022-05-19 00:00:00
RHEL 7 : .NET 6.0 on RHEL 7 (RHSA-2022:2195)
2022-05-12 00:00:00
Rocky Linux 8 : .NET 6.0 (RLSA-2022:2199)
2022-05-18 00:00:00
altlinux
altlinux
redhat
redhat
rocky
rocky
.NET Core 3.1 security, bug fix, and enhancement update
2022-05-11 13:24:22
.NET 6.0 security, bug fix, and enhancement update
2022-05-11 13:20:34
.NET 5.0 security, bug fix, and enhancement update
2022-05-11 13:22:02
almalinux
almalinux
Important: .NET 6.0 security, bug fix, and enhancement update
2022-05-11 13:20:34
Important: .NET Core 3.1 security, bug fix, and enhancement update
2022-05-11 13:24:22
Important: .NET 5.0 security, bug fix, and enhancement update
2022-05-11 13:22:02
oraclelinux
oraclelinux
.NET 6.0 security, bug fix, and enhancement update
2022-06-30 00:00:00
.NET 6.0 security, bug fix, and enhancement update
2022-05-19 00:00:00
.NET 5.0 security, bug fix, and enhancement update
2022-05-19 00:00:00
openvas
openvas
.NET Core Multiple Denial of Service Vulnerabilities (KB5014326)
2022-05-11 00:00:00
Fedora: Security Advisory for dotnet6.0 (FEDORA-2022-256d559f0c)
2022-05-22 00:00:00
Fedora: Security Advisory for dotnet6.0 (FEDORA-2022-d69fee9f38)
2022-05-22 00:00:00
mskb
mskb
.NET 5.0 Update: May 10, 2022 (KB5014329)
2022-05-10 08:00:00
.NET Core 3.1 Update: May 10, 2022 (KB5014326)
2022-05-10 08:00:00
.NET 6.0 Update: May 10, 2022 (KB5014330)
2022-05-10 08:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: dotnet6.0-6.0.105-1.fc34
2022-05-21 01:06:20
[SECURITY] Fedora 35 Update: dotnet6.0-6.0.105-1.fc35
2022-05-21 01:32:22
[SECURITY] Fedora 36 Update: dotnet6.0-6.0.105-1.fc36
2022-05-21 01:32:15
kaspersky
kaspersky
KLA12535 Multiple vulnerabilities in Microsoft Developer Tools
2022-05-10 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2022
2022-05-10 19:59:20