Advisories for Nuget/Microsoft.WindowsDesktop.App.Runtime.win-Arm64 package

2024

.NET Elevation of Privilege Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 ,and .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A use-after-free vulnerability exists in WPF which may result in Elevation of Privilege when viewing untrusted documents. This is a Windows only vulnerability.

2023

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

.NET and Visual Studio Elevation of Privilege Vulnerability

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

2022

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

.NET Framework Remote Code Execution Vulnerability.