CVE-2024-50338 (GCVE-0-2024-50338)
Vulnerability from cvelistv5 – Published: 2025-01-14 18:11 – Updated: 2025-01-14 18:35
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
| URL | Tags |
|---|---|
| https://github.com/git-ecosystem/git-credential-m… | x_refsource_CONFIRM |
| https://git-scm.com/docs/git-credential#IOFMT | x_refsource_MISC |
| https://github.com/dotnet/runtime/blob/e476b43b5c… | x_refsource_MISC |
| https://github.com/git-ecosystem/git-credential-m… | x_refsource_MISC |
| https://github.com/git-ecosystem/git-credential-m… | x_refsource_MISC |
| https://github.com/git-ecosystem/git-credential-m… | x_refsource_MISC |
| https://github.com/git/git/blob/6a11438f43469f381… | x_refsource_MISC |
| https://learn.microsoft.com/en-us/dotnet/api/syst… | x_refsource_MISC |
| Vendor | Product | Version |
|---|---|---|
| git-ecosystem | git-credential-manager | Affected: < 2.6.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T18:35:22.661757Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T18:35:33.115Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "git-credential-manager",
"vendor": "git-ecosystem",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git\u0027s documentation restricts the use of the NUL (`\\0`) character and newlines to form part of the keys or values. When Git reads from standard input, it considers both LF and CRLF as newline characters for the credential protocol by virtue of calling `strbuf_getline` that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\\n`), and errors if this is the case. This captures both LF and CRLF-type newlines. Git Credential Manager uses the .NET standard library `StreamReader` class to read the standard input stream line-by-line and parse the `key=value` credential protocol format. The implementation of the `ReadLineAsync` method considers LF, CRLF, and CR as valid line endings. This means that .NET considers a single CR as a valid newline character, whereas Git does not. This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL. When a user clones or otherwise interacts with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the `--recursive` clone option as the user is not able to inspect the submodule remote URLs beforehand. This issue has been patched in version 2.6.1 and all users are advised to upgrade. Users unable to upgrade should only interact with trusted remote repositories, and not clone with `--recursive` to allow inspection of any submodule URLs before cloning those submodules."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T18:11:23.188Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g"
},
{
"name": "https://git-scm.com/docs/git-credential#IOFMT",
"tags": [
"x_refsource_MISC"
],
"url": "https://git-scm.com/docs/git-credential#IOFMT"
},
{
"name": "https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926"
},
{
"name": "https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141"
},
{
"name": "https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b"
},
{
"name": "https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1"
},
{
"name": "https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311"
},
{
"name": "https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0"
}
],
"source": {
"advisory": "GHSA-86c2-4x57-wc8g",
"discovery": "UNKNOWN"
},
"title": "Carriage-return character in remote URL allows malicious repository to leak credentials in Git Credential Manager"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-50338",
"datePublished": "2025-01-14T18:11:23.188Z",
"dateReserved": "2024-10-22T17:54:40.954Z",
"dateUpdated": "2025-01-14T18:35:33.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-50338",
"date": "2026-05-20",
"epss": "0.00152",
"percentile": "0.35422"
}
}
}
CERTFR-2025-AVI-0041
Vulnerability from certfr_avis - Published: - Updated:
Multiple vulnerabilities have been discovered in Microsoft products. Some of them allow an attacker to cause remote arbitrary code execution, privilege escalation, and a breach of data confidentiality.
Solutions
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
| Vendor | Product | Description |
|---|---|---|
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.x prior to 16.11.43 |
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.8 prior to 17.8.17 |
| Microsoft | N/A | Microsoft AutoUpdate for Mac versions prior to 4.76 |
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.12 prior to 17.12.4 |
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.6 prior to 17.6.22 |
| Microsoft | N/A | Microsoft Visual Studio 2017 version 15.x prior to 15.9.69 |
| Microsoft | N/A | On-Premises Data Gateway versions prior to 3000.246 |
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.10 prior to 17.10.10 |
| Microsoft | N/A | Microsoft SharePoint Server Subscription Edition versions prior to 16.0.17928.20356 |
| Microsoft | N/A | Microsoft SharePoint Enterprise Server 2016 versions prior to 16.0.5483.1001 |
| Microsoft | N/A | Microsoft SharePoint Server 2019 versions prior to 16.0.10416.20041 |
| Microsoft | N/A | Power Automate for Desktop versions prior to 2.52.62.25009 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft Visual Studio 2019 version 16.x ant\u00e9rieures \u00e0 16.11.43",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.8 ant\u00e9rieures \u00e0 17.8.17",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft AutoUpdate pour Mac versions ant\u00e9rieures \u00e0 4.76",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.12 ant\u00e9rieures \u00e0 17.12.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.6 ant\u00e9rieures \u00e0 17.6.22",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2017 version 15.x ant\u00e9rieures \u00e0 15.9.69",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "On-Premises Data Gateway versions ant\u00e9rieures \u00e0 3000.246",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.10 ant\u00e9rieures \u00e0 17.10.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Server Subscription Edition versions ant\u00e9rieures \u00e0 16.0.17928.20356",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Enterprise Server 2016 versions ant\u00e9rieures \u00e0 16.0.5483.1001",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Server 2019 versions ant\u00e9rieures \u00e0 16.0.10416.20041",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Power Automate pour Desktop versions ant\u00e9rieures \u00e0 2.52.62.25009",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-21393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21393"
},
{
"name": "CVE-2025-21176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21176"
},
{
"name": "CVE-2025-21178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21178"
},
{
"name": "CVE-2025-21403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21403"
},
{
"name": "CVE-2024-50338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50338"
},
{
"name": "CVE-2025-21171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21171"
},
{
"name": "CVE-2025-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21360"
},
{
"name": "CVE-2025-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21348"
},
{
"name": "CVE-2025-21173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21173"
},
{
"name": "CVE-2025-21187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21187"
},
{
"name": "CVE-2025-21405",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21405"
},
{
"name": "CVE-2025-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21344"
},
{
"name": "CVE-2025-21172",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21172"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0041",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21176",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21176"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21171",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21171"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21187",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21187"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21393",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21393"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21360",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21360"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21405",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21405"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21172",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21172"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21178",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21178"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21173",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21173"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21344",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21344"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-50338",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-50338"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21348",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21348"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21403",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21403"
}
]
}
CERTFR-2025-AVI-0041
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft Visual Studio 2019 version 16.x ant\u00e9rieures \u00e0 16.11.43",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.8 ant\u00e9rieures \u00e0 17.8.17",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft AutoUpdate pour Mac versions ant\u00e9rieures \u00e0 4.76",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.12 ant\u00e9rieures \u00e0 17.12.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.6 ant\u00e9rieures \u00e0 17.6.22",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2017 version 15.x ant\u00e9rieures \u00e0 15.9.69",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "On-Premises Data Gateway versions ant\u00e9rieures \u00e0 3000.246",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.10 ant\u00e9rieures \u00e0 17.10.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Server Subscription Edition versions ant\u00e9rieures \u00e0 16.0.17928.20356",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Enterprise Server 2016 versions ant\u00e9rieures \u00e0 16.0.5483.1001",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Server 2019 versions ant\u00e9rieures \u00e0 16.0.10416.20041",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Power Automate pour Desktop versions ant\u00e9rieures \u00e0 2.52.62.25009",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-21393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21393"
},
{
"name": "CVE-2025-21176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21176"
},
{
"name": "CVE-2025-21178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21178"
},
{
"name": "CVE-2025-21403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21403"
},
{
"name": "CVE-2024-50338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50338"
},
{
"name": "CVE-2025-21171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21171"
},
{
"name": "CVE-2025-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21360"
},
{
"name": "CVE-2025-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21348"
},
{
"name": "CVE-2025-21173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21173"
},
{
"name": "CVE-2025-21187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21187"
},
{
"name": "CVE-2025-21405",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21405"
},
{
"name": "CVE-2025-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21344"
},
{
"name": "CVE-2025-21172",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21172"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0041",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21176",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21176"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21171",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21171"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21187",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21187"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21393",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21393"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21360",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21360"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21405",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21405"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21172",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21172"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21178",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21178"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21173",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21173"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21344",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21344"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-50338",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-50338"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21348",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21348"
},
{
"published_at": "2025-01-14",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-21403",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21403"
}
]
}
BDU:2025-01178
Vulnerability from fstec - Published: 14.01.2025
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp, Linus Torvalds, Junio Hamano",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "17.6 (Microsoft Visual Studio 2022), \u043e\u0442 15.0 \u0434\u043e 15.8 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Microsoft Visual Studio 2017), \u043e\u0442 16.0 \u0434\u043e 16.10 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Microsoft Visual Studio 2019), \u0434\u043e 2.6.1 (Git), 17.12 (Microsoft Visual Studio 2022), 17.10 (Microsoft Visual Studio 2022), 17.8 (Microsoft Visual Studio 2022)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Git \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.6.1 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft Corp.:\nhttps://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-50338",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.01.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.02.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.02.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-01178",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-50338",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Microsoft Visual Studio 2022, Microsoft Visual Studio 2017, Microsoft Visual Studio 2019, Git",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 strbuf_getdelim_strip_crlf \u043a\u0440\u043e\u0441\u0441\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 Git Credential Manager (GCM) \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 Git, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CWE-200)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 strbuf_getdelim_strip_crlf \u043a\u0440\u043e\u0441\u0441\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 Git Credential Manager (GCM) \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 Git \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u043e\u0432\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u043c\u0435\u0436\u0434\u0443 Git \u0438 GCM. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u0438\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 URL-\u0430\u0434\u0440\u0435\u0441",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git-scm.com/docs/git-credential#IOFMT\t\nhttps://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926\t\nhttps://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141\t\nhttps://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b\t\nhttps://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1\t\nhttps://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g\t\nhttps://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311\t\nhttps://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-50338",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-200",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,4)"
}
FKIE_CVE-2024-50338
Vulnerability from fkie_nvd - Published: 2025-01-14 19:15 - Updated: 2026-04-15 00:35
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git\u0027s documentation restricts the use of the NUL (`\\0`) character and newlines to form part of the keys or values. When Git reads from standard input, it considers both LF and CRLF as newline characters for the credential protocol by virtue of calling `strbuf_getline` that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\\n`), and errors if this is the case. This captures both LF and CRLF-type newlines. Git Credential Manager uses the .NET standard library `StreamReader` class to read the standard input stream line-by-line and parse the `key=value` credential protocol format. The implementation of the `ReadLineAsync` method considers LF, CRLF, and CR as valid line endings. This is means that .NET considers a single CR as a valid newline character, whereas Git does not. This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL. When a user clones or otherwise interacts with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the `--recursive` clone option as the user is not able to inspect the submodule remote URLs beforehand. This issue has been patched in version 2.6.1 and all users are advised to upgrade. Users unable to upgrade should only interact with trusted remote repositories, and not clone with `--recursive` to allow inspection of any submodule URLs before cloning those submodules."
},
{
"lang": "es",
"value": "Git Credential Manager (GCM) es un asistente seguro de credenciales de Git creado en .NET que se ejecuta en Windows, macOS y Linux. El protocolo de credenciales de Git se basa en texto sobre entrada/salida est\u00e1ndar y consta de una serie de l\u00edneas de pares clave-valor en el formato `clave=valor`. La documentaci\u00f3n de Git restringe el uso del car\u00e1cter NUL (`\\0`) y las nuevas l\u00edneas para formar parte de las claves o valores. Cuando Git lee desde la entrada est\u00e1ndar, considera tanto LF como CRLF como caracteres de nueva l\u00ednea para el protocolo de credenciales en virtud de la llamada a `strbuf_getline` que llama a `strbuf_getdelim_strip_crlf`. Git tambi\u00e9n valida que no haya una nueva l\u00ednea presente en el valor al verificar la presencia del car\u00e1cter de avance de l\u00ednea (LF, `\\n`) y genera errores si este es el caso. Esto captura las nuevas l\u00edneas de tipo LF y CRLF. Git Credential Manager utiliza la clase `StreamReader` Librer\u00eda est\u00e1ndar .NET para leer el flujo de entrada est\u00e1ndar l\u00ednea por l\u00ednea y analizar el formato del protocolo de credenciales `key=value`. La implementaci\u00f3n del m\u00e9todo `ReadLineAsync` considera LF, CRLF y CR como finales de l\u00ednea v\u00e1lidos. Esto significa que .NET considera un solo CR como un car\u00e1cter de nueva l\u00ednea v\u00e1lido, mientras que Git no lo hace. Esta falta de coincidencia en el tratamiento de las nuevas l\u00edneas entre Git y GCM significa que un atacante puede crear una URL remota maliciosa. Cuando un usuario clona o interact\u00faa de otro modo con un repositorio malicioso que requiere autenticaci\u00f3n, el atacante puede capturar las credenciales de otro repositorio remoto de Git. 
El ataque tambi\u00e9n se intensifica cuando se clona desde repositorios con subm\u00f3dulos cuando se usa la opci\u00f3n de clonaci\u00f3n `--recursive`, ya que el usuario no puede inspeccionar las URL remotas del subm\u00f3dulo de antemano. Este problema se ha corregido en la versi\u00f3n 2.6.1 y se recomienda a todos los usuarios que actualicen. Los usuarios que no puedan actualizar solo deben interactuar con repositorios remotos confiables y no clonar con `--recursive` para permitir la inspecci\u00f3n de cualquier URL de subm\u00f3dulo antes de clonar esos subm\u00f3dulos."
}
],
"id": "CVE-2024-50338",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-01-14T19:15:31.967",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://git-scm.com/docs/git-credential#IOFMT"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311"
},
{
"source": "security-advisories@github.com",
"url": "https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-86C2-4X57-WC8G
Vulnerability from github – Published: 2025-01-14 19:40 – Updated: 2025-01-14 21:59
Description
The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format key=value. Git's documentation forbids the NUL (\0) character and newlines in keys[^1] or values.
When Git reads from standard input, it considers both LF and CRLF[^2] as newline characters for the credential protocol, because it calls strbuf_getline, which in turn calls strbuf_getdelim_strip_crlf. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, \n), and errors if this is the case. This captures both LF and CRLF-type newlines.
Git Credential Manager uses the .NET standard library StreamReader class to read the standard input stream line-by-line and parse the key=value credential protocol format. The implementation of the ReadLineAsync method considers LF, CRLF, and CR as valid line endings. This means that .NET considers a single CR as a valid newline character, whereas Git does not.
This mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL such as:
```
https://\rhost=targethost@badhost
```
which will be interpreted by Git as:
```
protocol=https
host=badhost
username=\rhost=targethost
```
This will instead be parsed by GCM as if the following has been passed by Git:
```
protocol=https
host=badhost
username=
host=targethost
```
This results in the host field being resolved to the targethost value. GCM will then return a credential for targethost to Git, which will then send this credential to the badhost host.
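The mismatch described above can be reproduced offline. The following is an added example, not code from Git or Git Credential Manager and not the 2.6.1 fix: it models the two line-splitting behaviours on the advisory's own request, reports which fields the two readers disagree on, and shows a strict reader that refuses a stray CR. All function names are hypothetical, and the last-value-wins dictionary is an assumption taken from the outcome the advisory describes.

```python
import re

# Constructed sample: the helper request the advisory says Git produces for
# the URL https://\rhost=targethost@badhost (blank line ends the request).
REQUEST = "protocol=https\nhost=badhost\nusername=\rhost=targethost\n\n"


def git_style_lines(data):
    """Split the way the advisory describes Git: LF ends a line and a CR
    directly before that LF is stripped. A lone CR stays inside the line."""
    lines = data.split("\n")
    if lines and lines[-1] == "":
        lines.pop()  # the final LF terminates the last line, nothing follows
    return [ln[:-1] if ln.endswith("\r") else ln for ln in lines]


def dotnet_style_lines(data):
    """Split the way the advisory describes StreamReader line reads:
    LF, CRLF and a lone CR are all line endings."""
    lines = re.split(r"\r\n|\r|\n", data)
    if lines and lines[-1] == "":
        lines.pop()
    return lines


def parse_fields(lines):
    """Lenient key=value parse. Stops at the blank line; a repeated key
    overwrites the earlier value (assumed, matches the advisory's outcome)."""
    fields = {}
    for line in lines:
        if line == "":
            break
        key, sep, value = line.partition("=")
        if sep:
            fields[key] = value
    return fields


def differential(data):
    """Return {key: (git_view, dotnet_view)} for every field on which the two
    readers disagree. An empty dict means both sides see the same request."""
    git_view = parse_fields(git_style_lines(data))
    net_view = parse_fields(dotnet_style_lines(data))
    keys = sorted(set(git_view) | set(net_view))
    return {k: (git_view.get(k), net_view.get(k))
            for k in keys if git_view.get(k) != net_view.get(k)}


def parse_strict(data):
    """Reader that uses Git's line rules and rejects what Git's format
    forbids or what another reader could treat as a line break."""
    fields = {}
    for line in git_style_lines(data):
        if line == "":
            break
        if "\r" in line or "\0" in line:
            raise ValueError("CR or NUL inside a credential line: %r" % line)
        key, sep, value = line.partition("=")
        if not sep or not key:
            raise ValueError("malformed credential line: %r" % line)
        fields[key] = value
    return fields


if __name__ == "__main__":
    for key, (git_value, net_value) in differential(REQUEST).items():
        print("%s: git=%r dotnet-style=%r" % (key, git_value, net_value))
    try:
        parse_strict(REQUEST)
    except ValueError as exc:
        print("strict reader rejected request:", exc)
```

The same `differential` check can be run over captured helper input when auditing any credential helper whose runtime line reader accepts more terminators than Git does.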
Impact
When a user clones or otherwise interacts[^3] with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the --recursive clone option as the user is not able to inspect the submodule remote URLs beforehand.
Patches
https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b
Workarounds
Only interact with trusted remote repositories, and do not clone with --recursive, so that any submodule URLs can be inspected before those submodules are cloned.
Fixed versions
This issue is fixed as of version 2.6.1.
[^1]: The = character is also forbidden to form part of the key.
[^2]: Carriage-return character (CR, \r), followed by a line-feed character.
[^3]: Any remote operation such as fetch, ls-remote, etc.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.6.0"
},
"package": {
"ecosystem": "NuGet",
"name": "git-credential-manager"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-50338"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-436"
],
"github_reviewed": true,
"github_reviewed_at": "2025-01-14T19:40:54Z",
"nvd_published_at": "2025-01-14T19:15:31Z",
"severity": "HIGH"
},
"details": "### Description\nThe [Git credential protocol](https://git-scm.com/docs/git-credential#IOFMT) is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git\u0027s documentation restricts the use of the NUL (`\\0`) character and newlines to form part of the keys[^1] or values.\n\nWhen Git reads from standard input, it considers both LF and CRLF[^2] as newline characters for the credential protocol by virtue of [calling `strbuf_getline`](https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311) that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\\n`), and errors if this is the case. This captures both LF and CRLF-type newlines.\n\nGit Credential Manager uses the .NET standard library [`StreamReader`](https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0) class to [read the standard input stream line-by-line](https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141) and parse the `key=value` credential protocol format. The [implementation of the `ReadLineAsync` method](https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926) considers LF, CRLF, and CR as valid line endings. 
This is means that .NET considers a single CR as a valid newline character, whereas Git does not.\n\nThis mismatch of newline treatment between Git and GCM means that an attacker can craft a malicious remote URL such as:\n\n```\nhttps://\\rhost=targethost@badhost\n```\n\n..which will be interpreted by Git as:\n\n```\nprotocol=https\nhost=badhost\nusername=\\rhost=targethost\n```\n\nThis will instead be parsed by GCM as if the following has been passed by Git:\n\n```\nprotocol=https\nhost=badhost\nusername=\nhost=targethost\n```\n\nThis results in the `host` field being resolved to the `targethost` value. GCM will then return a credential for `targethost` to Git, which will then send this credential to the `badhost` host.\n\n### Impact\nWhen a user clones or otherwise interacts[^3] with a malicious repository that requires authentication, the attacker can capture credentials for another Git remote. The attack is also heightened when cloning from repositories with submodules when using the `--recursive` clone option as the user is not able to inspect the submodule remote URLs beforehand.\n\n### Patches\nhttps://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b\n\n### Workarounds\nOnly interacting with trusted remote repositories, and do not clone with `--recursive` to allow inspection of any submodule URLs before cloning those submodules.\n\n### Fixed versions\nThis issue is fixed as of [version 2.6.1](https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1).\n\n[^1]: The `=` character is also forbidden to form part of the key.\n[^2]: Carriage-return character (CR, `\\r`), followed by a line-feed character.\n[^3]: Any remote operation such as `fetch`, `ls-remote`, etc.",
"id": "GHSA-86c2-4x57-wc8g",
"modified": "2025-01-14T21:59:51Z",
"published": "2025-01-14T19:40:54Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50338"
},
{
"type": "WEB",
"url": "https://git-scm.com/docs/git-credential#IOFMT"
},
{
"type": "WEB",
"url": "https://github.com/dotnet/runtime/blob/e476b43b5cb42eb44ce23b1c7b793aa361624cf6/src/libraries/System.Private.CoreLib/src/System/IO/StreamReader.cs#L926"
},
{
"type": "PACKAGE",
"url": "https://github.com/git-ecosystem/git-credential-manager"
},
{
"type": "WEB",
"url": "https://github.com/git-ecosystem/git-credential-manager/blob/ae009e11a0fbef804ad9f78816d84a0bc7e052fe/src/shared/Core/StreamExtensions.cs#L138-L141"
},
{
"type": "WEB",
"url": "https://github.com/git-ecosystem/git-credential-manager/compare/749e287571c78a2b61f926ccce6a707050871ab8...99e2f7f60e7364fe807e7925f361a81f3c47bd1b"
},
{
"type": "WEB",
"url": "https://github.com/git-ecosystem/git-credential-manager/releases/tag/v2.6.1"
},
{
"type": "WEB",
"url": "https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311"
},
{
"type": "WEB",
"url": "https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Git Credential Manager carriage-return character in remote URL allows malicious repository to leak credentials"
}
NCSC-2025-0011
Vulnerability from csaf_ncscnl - Published: 2025-01-14 19:10 - Updated: 2025-01-14 19:10
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| .net_9.0 (microsoft) | cpe:2.3:a:microsoft:.net_9.0:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.12 (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.12:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.6 (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.6:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.8 (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.8:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.10 (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.10:*:*:*:*:*:*:*:* | — | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_ (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_ (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.6 (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.6:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.8 (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.8:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.10 (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.10:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.12 (microsoft) | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.12:*:*:*:*:*:*:*:* | — | |
| .net_8.0 (microsoft) | cpe:2.3:a:microsoft:.net_8.0:*:*:*:*:*:*:*:* | — | |
| .net_9.0 (microsoft) | cpe:2.3:a:microsoft:.net_9.0:*:*:*:*:*:*:*:* | — | |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| .net_8.0<br>microsoft | cpe:2.3:a:microsoft:.net_8.0:*:*:*:*:*:*:*:* | — | |
| .net_9.0<br>microsoft | cpe:2.3:a:microsoft:.net_9.0:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.12<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.12:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.6<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.6:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.8<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.8:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.10<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.10:*:*:*:*:*:*:*:* | — | |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.6<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.6:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.8<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.8:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.10<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.10:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.12<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.12:*:*:*:*:*:*:*:* | — | |
| .net_8.0<br>microsoft | cpe:2.3:a:microsoft:.net_8.0:*:*:*:*:*:*:*:* | — | |
| .net_9.0<br>microsoft | cpe:2.3:a:microsoft:.net_9.0:*:*:*:*:*:*:*:* | — | |
| microsoft_.net_framework_3.5_and_4.8.1<br>microsoft | cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.8.1:*:*:*:*:*:*:*:* | — | |
| microsoft_.net_framework_4.8<br>microsoft | cpe:2.3:a:microsoft:microsoft_.net_framework_4.8:*:*:*:*:*:*:*:* | — | |
| microsoft_.net_framework_3.5_and_4.8<br>microsoft | cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.8:*:*:*:*:*:*:*:* | — | |
| microsoft_.net_framework_3.5_and_4.7.2<br>microsoft | cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.7.2:*:*:*:*:*:*:*:* | — | |
| microsoft_.net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2<br>microsoft | cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2:*:*:*:*:*:*:*:* | — | |
| microsoft_.net_framework_4.6.2_4.7_4.7.1_4.7.2<br>microsoft | cpe:2.3:a:microsoft:microsoft_.net_framework_4.6.2_4.7_4.7.1_4.7.2:*:*:*:*:*:*:*:* | — | |
| microsoft_.net_framework_4.6.2<br>microsoft | cpe:2.3:a:microsoft:microsoft_.net_framework_4.6.2:*:*:*:*:*:*:*:* | — | |
| microsoft_.net_framework_4.6_4.6.2<br>microsoft | cpe:2.3:a:microsoft:microsoft_.net_framework_4.6_4.6.2:*:*:*:*:*:*:*:* | — | |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.6<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.6:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.8<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.8:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.10<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.10:*:*:*:*:*:*:*:* | — | |
| microsoft_visual_studio_2022_version_17.12<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.12:*:*:*:*:*:*:*:* | — | |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| microsoft_visual_studio_2022_version_17.12<br>microsoft | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.12:*:*:*:*:*:*:*:* | — | |

{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Microsoft heeft kwetsbaarheden verholpen in Visual Studio en .NET.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om zich verhoogde rechten toe te kennen, toegang te krijgen tot gevoelige gegevens of om willekeurige code uit te voeren in de context van het slachtoffer.\n\nVoor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide bestand te openen en verwerken.\n\n```\nVisual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-50338 | 7.40 | Toegang tot gevoelige gegevens | \n| CVE-2025-21178 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2025-21405 | 7.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\n.NET, .NET Framework, Visual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21176 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\n.NET: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21171 | 8.10 | Uitvoeren van willekeurige code | \n| CVE-2025-21173 | 8.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\n.NET and Visual Studio: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21172 | 7.50 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\n\n```",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "general",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"title": "Kwetsbaarheden verholpen in Microsoft Developer Tools",
"tracking": {
"current_release_date": "2025-01-14T19:10:44.895101Z",
"id": "NCSC-2025-0011",
"initial_release_date": "2025-01-14T19:10:44.895101Z",
"revision_history": [
{
"date": "2025-01-14T19:10:44.895101Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": ".net_8.0",
"product": {
"name": ".net_8.0",
"product_id": "CSAFPID-1741483",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:.net_8.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": ".net_9.0",
"product": {
"name": ".net_9.0",
"product_id": "CSAFPID-1741383",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:.net_9.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_.net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2",
"product": {
"name": "microsoft_.net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2",
"product_id": "CSAFPID-1747222",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_.net_framework_3.5_and_4.7.2",
"product": {
"name": "microsoft_.net_framework_3.5_and_4.7.2",
"product_id": "CSAFPID-1741478",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.7.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_.net_framework_3.5_and_4.8.1",
"product": {
"name": "microsoft_.net_framework_3.5_and_4.8.1",
"product_id": "CSAFPID-1741469",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.8.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_.net_framework_3.5_and_4.8",
"product": {
"name": "microsoft_.net_framework_3.5_and_4.8",
"product_id": "CSAFPID-1741477",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_3.5_and_4.8:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_.net_framework_4.6.2",
"product": {
"name": "microsoft_.net_framework_4.6.2",
"product_id": "CSAFPID-1741470",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_4.6.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_.net_framework_4.6.2_4.7_4.7.1_4.7.2",
"product": {
"name": "microsoft_.net_framework_4.6.2_4.7_4.7.1_4.7.2",
"product_id": "CSAFPID-1741468",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_4.6.2_4.7_4.7.1_4.7.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_.net_framework_4.6_4.6.2",
"product": {
"name": "microsoft_.net_framework_4.6_4.6.2",
"product_id": "CSAFPID-1741471",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_4.6_4.6.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_.net_framework_4.8",
"product": {
"name": "microsoft_.net_framework_4.8",
"product_id": "CSAFPID-1741476",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_.net_framework_4.8:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_",
"product": {
"name": "microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_",
"product_id": "CSAFPID-1717938",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2017_version_15.9__includes_15.0_-_15.8_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_",
"product": {
"name": "microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_",
"product_id": "CSAFPID-1717935",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2019_version_16.11__includes_16.0_-_16.10_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_visual_studio_2022_version_17.10",
"product": {
"name": "microsoft_visual_studio_2022_version_17.10",
"product_id": "CSAFPID-1741374",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.10:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_visual_studio_2022_version_17.12",
"product": {
"name": "microsoft_visual_studio_2022_version_17.12",
"product_id": "CSAFPID-1749644",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.12:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_visual_studio_2022_version_17.6",
"product": {
"name": "microsoft_visual_studio_2022_version_17.6",
"product_id": "CSAFPID-1741372",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.6:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "microsoft_visual_studio_2022_version_17.8",
"product": {
"name": "microsoft_visual_studio_2022_version_17.8",
"product_id": "CSAFPID-1741373",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:microsoft_visual_studio_2022_version_17.8:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-50338",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-50338",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50338.json"
}
],
"title": "CVE-2024-50338"
},
{
"cve": "CVE-2025-21171",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741383",
"CSAFPID-1749644",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21171",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21171.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741383",
"CSAFPID-1749644",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374"
]
}
],
"title": "CVE-2025-21171"
},
{
"cve": "CVE-2025-21172",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717938",
"CSAFPID-1717935",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374",
"CSAFPID-1749644",
"CSAFPID-1741483",
"CSAFPID-1741383"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21172",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717938",
"CSAFPID-1717935",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374",
"CSAFPID-1749644",
"CSAFPID-1741483",
"CSAFPID-1741383"
]
}
],
"title": "CVE-2025-21172"
},
{
"cve": "CVE-2025-21173",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"notes": [
{
"category": "other",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1741483",
"CSAFPID-1741383",
"CSAFPID-1749644",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21173",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21173.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1741483",
"CSAFPID-1741383",
"CSAFPID-1749644",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374"
]
}
],
"title": "CVE-2025-21173"
},
{
"cve": "CVE-2025-21176",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717938",
"CSAFPID-1717935",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374",
"CSAFPID-1749644",
"CSAFPID-1741483",
"CSAFPID-1741383",
"CSAFPID-1741469",
"CSAFPID-1741476",
"CSAFPID-1741477",
"CSAFPID-1741478",
"CSAFPID-1747222",
"CSAFPID-1741468",
"CSAFPID-1741470",
"CSAFPID-1741471"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21176",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21176.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717938",
"CSAFPID-1717935",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374",
"CSAFPID-1749644",
"CSAFPID-1741483",
"CSAFPID-1741383",
"CSAFPID-1741469",
"CSAFPID-1741476",
"CSAFPID-1741477",
"CSAFPID-1741478",
"CSAFPID-1747222",
"CSAFPID-1741468",
"CSAFPID-1741470",
"CSAFPID-1741471"
]
}
],
"title": "CVE-2025-21176"
},
{
"cve": "CVE-2025-21178",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1717938",
"CSAFPID-1717935",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374",
"CSAFPID-1749644"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21178",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21178.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1717938",
"CSAFPID-1717935",
"CSAFPID-1741372",
"CSAFPID-1741373",
"CSAFPID-1741374",
"CSAFPID-1749644"
]
}
],
"title": "CVE-2025-21178"
},
{
"cve": "CVE-2025-21405",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1749644"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21405",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21405.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1749644"
]
}
],
"title": "CVE-2025-21405"
}
]
}
WID-SEC-W-2025-0093
Vulnerability from csaf_certbund - Published: 2025-01-14 23:00 - Updated: 2025-02-13 23:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Microsoft Visual Studio 2017 15.0-15.9<br>Microsoft / Visual Studio 2017 | cpe:/a:microsoft:visual_studio_2017:15.0_-_15.9 | 15.0-15.9 | |
| Microsoft Visual Studio 2019 16.0-16.11<br>Microsoft / Visual Studio 2019 | cpe:/a:microsoft:visual_studio_2019:16.0_-_16.11 | 16.0-16.11 | |
| Microsoft Visual Studio 2022 17.12<br>Microsoft / Visual Studio 2022 | cpe:/a:microsoft:visual_studio_2022:17.12 | 17.12 | |
| Red Hat Enterprise Linux<br>Red Hat | cpe:/o:redhat:enterprise_linux:- | — | |
| Ubuntu Linux<br>Ubuntu | cpe:/o:canonical:ubuntu_linux:- | — | |
| Microsoft Visual Studio 2022 17.10<br>Microsoft / Visual Studio 2022 | cpe:/a:microsoft:visual_studio_2022:17.10 | 17.1 | |
| Microsoft .NET Framework<br>Microsoft | cpe:/a:microsoft:.net_framework:- | — | |
| Microsoft Visual Studio 2022 17.6<br>Microsoft / Visual Studio 2022 | cpe:/a:microsoft:visual_studio_2022:17.6 | 17.6 | |
| Oracle Linux<br>Oracle | cpe:/o:oracle:linux:- | — | |
| RESF Rocky Linux<br>RESF | cpe:/o:resf:rocky_linux:- | — | |
| Microsoft Visual Studio 2022 17.8<br>Microsoft / Visual Studio 2022 | cpe:/a:microsoft:visual_studio_2022:17.8 | 17.8 | |

{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Microsoft Visual Studio ist eine integrierte Entwicklungsumgebung f\u00fcr Hochsprachen.\r\nMicrosoft .NET Framework ist eine Komponente des Microsoft Windows-Betriebssystems, das die Erstellung und Ausf\u00fchrung von Softwareanwendungen und Webdiensten erm\u00f6glicht. Es beinhaltet sowohl eine Laufzeitumgebung als auch ein Framework von Klassenbibliotheken (APIs), u. a. f\u00fcr die Programmiersprache ASP (ASP.NET), den Datenzugriff (ADO.NET), intelligente Clientanwendungen (Windows Forms) und weitere.\r\nWindows ist ein Betriebssystem von Microsoft.\r\nWindows Server 2016 ist ein Betriebssystem von Microsoft.\r\nWindows Server 2019 ist ein Betriebssystem von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Microsoft Visual Studio 2017, Microsoft .NET Framework, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Visual Studio 2019, Microsoft Visual Studio 2022 und Microsoft Windows ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren und vertrauliche Informationen preiszugeben.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0093 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0093.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0093 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0093"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7210-1 vom 2025-01-16",
"url": "https://ubuntu.com/security/notices/USN-7210-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0381 vom 2025-01-16",
"url": "https://access.redhat.com/errata/RHSA-2025:0381"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0382 vom 2025-01-16",
"url": "https://access.redhat.com/errata/RHSA-2025:0382"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-0382 vom 2025-01-17",
"url": "https://linux.oracle.com/errata/ELSA-2025-0382.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-0381 vom 2025-01-17",
"url": "https://linux.oracle.com/errata/ELSA-2025-0381.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0532 vom 2025-01-21",
"url": "https://access.redhat.com/errata/RHSA-2025:0532"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:0381 vom 2025-02-13",
"url": "https://errata.build.resf.org/RLSA-2025:0381"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:0382 vom 2025-02-13",
"url": "https://errata.build.resf.org/RLSA-2025:0382"
}
],
"source_lang": "en-US",
"title": "Microsoft Developer Tools: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-02-13T23:00:00.000+00:00",
"generator": {
"date": "2025-02-14T11:52:37.740+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0093",
"initial_release_date": "2025-01-14T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-16T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2025-01-19T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-13T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Microsoft .NET Framework",
"product": {
"name": "Microsoft .NET Framework",
"product_id": "T017480",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:.net_framework:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "15.0-15.9",
"product": {
"name": "Microsoft Visual Studio 2017 15.0-15.9",
"product_id": "T041196",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:visual_studio_2017:15.0_-_15.9"
}
}
}
],
"category": "product_name",
"name": "Visual Studio 2017"
},
{
"branches": [
{
"category": "product_version",
"name": "16.0-16.11",
"product": {
"name": "Microsoft Visual Studio 2019 16.0-16.11",
"product_id": "T041195",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:visual_studio_2019:16.0_-_16.11"
}
}
}
],
"category": "product_name",
"name": "Visual Studio 2019"
},
{
"branches": [
{
"category": "product_version",
"name": "17.6",
"product": {
"name": "Microsoft Visual Studio 2022 17.6",
"product_id": "1419194",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:visual_studio_2022:17.6"
}
}
},
{
"category": "product_version",
"name": "17.8",
"product": {
"name": "Microsoft Visual Studio 2022 17.8",
"product_id": "1565309",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:visual_studio_2022:17.8"
}
}
},
{
"category": "product_version",
"name": "17.1",
"product": {
"name": "Microsoft Visual Studio 2022 17.10",
"product_id": "T036003",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:visual_studio_2022:17.10"
}
}
},
{
"category": "product_version",
"name": "17.12",
"product": {
"name": "Microsoft Visual Studio 2022 17.12",
"product_id": "T041194",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:visual_studio_2022:17.12"
}
}
}
],
"category": "product_name",
"name": "Visual Studio 2022"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-50338",
"product_status": {
"known_affected": [
"T041196",
"T041195",
"T041194",
"67646",
"T000126",
"T036003",
"T017480",
"1419194",
"T004914",
"T032255",
"1565309"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2024-50338"
},
{
"cve": "CVE-2025-21171",
"product_status": {
"known_affected": [
"T041196",
"T041195",
"T041194",
"67646",
"T000126",
"T036003",
"T017480",
"1419194",
"T004914",
"T032255",
"1565309"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21171"
},
{
"cve": "CVE-2025-21172",
"product_status": {
"known_affected": [
"T041196",
"T041195",
"T041194",
"67646",
"T000126",
"T036003",
"T017480",
"1419194",
"T004914",
"T032255",
"1565309"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21172"
},
{
"cve": "CVE-2025-21173",
"product_status": {
"known_affected": [
"T041196",
"T041195",
"T041194",
"67646",
"T000126",
"T036003",
"T017480",
"1419194",
"T004914",
"T032255",
"1565309"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21173"
},
{
"cve": "CVE-2025-21176",
"product_status": {
"known_affected": [
"T041196",
"T041195",
"T041194",
"67646",
"T000126",
"T036003",
"T017480",
"1419194",
"T004914",
"T032255",
"1565309"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21176"
},
{
"cve": "CVE-2025-21178",
"product_status": {
"known_affected": [
"T041196",
"T041195",
"T041194",
"67646",
"T000126",
"T036003",
"T017480",
"1419194",
"T004914",
"T032255",
"1565309"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21178"
},
{
"cve": "CVE-2025-21405",
"product_status": {
"known_affected": [
"T041196",
"T041195",
"T041194",
"67646",
"T000126",
"T036003",
"T017480",
"1419194",
"T004914",
"T032255",
"1565309"
]
},
"release_date": "2025-01-14T23:00:00.000+00:00",
"title": "CVE-2025-21405"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.