{"id":"CVE-2021-31204","details":".NET and Visual Studio Elevation of Privilege Vulnerability","aliases":["BIT-dotnet-2021-31204","BIT-dotnet-sdk-2021-31204"],"modified":"2026-05-28T04:06:42.032125683Z","published":"2021-05-11T19:15:10.327Z","database_specific":{"unresolved_ranges":[{"source":"CPE_RANGE","vendor_product":"microsoft:visual_studio_2019","extracted_events":[{"introduced":"16.0"},{"fixed":"16.4.22"},{"introduced":"16.5.0"},{"fixed":"16.7.15"},{"introduced":"16.8.0"},{"fixed":"16.9.5"}],"cpes":["cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"]},{"source":"CPE_STRING","extracted_events":[{"last_affected":"32"},{"last_affected":"33"},{"last_affected":"34"}],"vendor_product":"fedoraproject:fedora","cpes":["cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"]},{"source":"CPE_STRING","vendor_product":"microsoft:visual_studio_2019","extracted_events":[{"last_affected":"8.9"}],"cpes":["cpe:2.3:a:microsoft:visual_studio_2019:8.9:*:*:*:*:macos:*:*"]}]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4F3VM3RMPE7PNNLLI3BPCSAXITQZCFCA/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6M7KL3KTHJVQNRA3CWFUTESQJARQEHSZ/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FVMWZPF4FR6JPFSNAIDIUDULHZJBVCW6/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFXJPQUYUITJMV75YN3XIGE3KKN5GOCU/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UV4ITB3SUDGR23G7XALUVKFJMZERFUKF/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWF25Z3CZ6LYCOHZ7FPSFAQ426JUBUZ4/"},{"type":"FIX","url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31204"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dotnet/core","events":[{"introduced":"62bcac3998e1168f4a34b775a06d6451b5ffca7b"},{"last_affected":"f248b40c185672a063fac81d0d69be2658586d4c"},{"introduced":"5c0a0489d157ca82fca6f9b73c682f118e8c4a8a"},{"last_affected":"eee68008af483cc3f273ce53fa9919c53d32d410"}],"database_specific":{"source":"CPE_RANGE","extracted_events":[{"introduced":"5.0"},{"last_affected":"5.0.5"},{"introduced":"3.1"},{"last_affected":"3.1.14"}],"cpe":["cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*","cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*"]}}],"versions":["v3.1.14","v6.0.0-preview.3","v5.0.5","v6.0.0-preview.2","v5.0.4","v3.1.13","v6.0.0-preview.1","v5.0.3","v3.1.12","v2.1.25","v5.0.2","v3.1.11","v2.1.24","v5.0.1","v5.0.0","v3.1.10"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-31204.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}]}