CVE-2020-1147 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2020-1147 Interim 1 4 2025-02-17T01:44:40Z current 2023-10-31T00:40:34Z 2025-02-17T01:44:40Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2020-1147 A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 8 aspnetcore-runtime-3.1-3.1.6-1.el8_2 aspnetcore-targeting-pack-3.1-3.1.6-1.el8_2 dotnet-3.1.106-1.el8_2 dotnet-apphost-pack-3.1-3.1.6-1.el8_2 dotnet-host-3.1.6-1.el8_2 dotnet-host-fxr-2.1-2.1.20-1.el8_2 dotnet-hostfxr-3.1-3.1.6-1.el8_2 dotnet-runtime-2.1-2.1.20-1.el8_2 dotnet-runtime-3.1-3.1.6-1.el8_2 dotnet-sdk-2.1-2.1.516-1.el8_2 dotnet-sdk-2.1.5xx-2.1.516-1.el8_2 dotnet-sdk-3.1-3.1.106-1.el8_2 dotnet-targeting-pack-3.1-3.1.6-1.el8_2 dotnet-templates-3.1-3.1.106-1.el8_2 netstandard-targeting-pack-2.1-3.1.106-1.el8_2 aspnetcore-runtime-3.1-3.1.6-1.el8_2 as a component of SUSE Liberty Linux 8 aspnetcore-targeting-pack-3.1-3.1.6-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-3.1.106-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-apphost-pack-3.1-3.1.6-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-host-3.1.6-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-host-fxr-2.1-2.1.20-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-hostfxr-3.1-3.1.6-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-runtime-2.1-2.1.20-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-runtime-3.1-3.1.6-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-sdk-2.1-2.1.516-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-sdk-2.1.5xx-2.1.516-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-sdk-3.1-3.1.106-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-targeting-pack-3.1-3.1.6-1.el8_2 as a component of SUSE Liberty Linux 8 dotnet-templates-3.1-3.1.106-1.el8_2 as a component of SUSE Liberty Linux 8 netstandard-targeting-pack-2.1-3.1.106-1.el8_2 as a component of SUSE Liberty Linux 8 A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'. CVE-2020-1147 SUSE Liberty Linux 8:aspnetcore-runtime-3.1-3.1.6-1.el8_2 SUSE Liberty Linux 8:aspnetcore-targeting-pack-3.1-3.1.6-1.el8_2 SUSE Liberty Linux 8:dotnet-3.1.106-1.el8_2 SUSE Liberty Linux 8:dotnet-apphost-pack-3.1-3.1.6-1.el8_2 SUSE Liberty Linux 8:dotnet-host-3.1.6-1.el8_2 SUSE Liberty Linux 8:dotnet-host-fxr-2.1-2.1.20-1.el8_2 SUSE Liberty Linux 8:dotnet-hostfxr-3.1-3.1.6-1.el8_2 SUSE Liberty Linux 8:dotnet-runtime-2.1-2.1.20-1.el8_2 SUSE Liberty Linux 8:dotnet-runtime-3.1-3.1.6-1.el8_2 SUSE Liberty Linux 8:dotnet-sdk-2.1-2.1.516-1.el8_2 SUSE Liberty Linux 8:dotnet-sdk-2.1.5xx-2.1.516-1.el8_2 SUSE Liberty Linux 8:dotnet-sdk-3.1-3.1.106-1.el8_2 SUSE Liberty Linux 8:dotnet-targeting-pack-3.1-3.1.6-1.el8_2 SUSE Liberty Linux 8:dotnet-templates-3.1-3.1.106-1.el8_2 SUSE Liberty Linux 8:netstandard-targeting-pack-2.1-3.1.106-1.el8_2 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H