VYPR
High severityCISA KEVNVD Advisory· Published Jul 14, 2020· Updated Oct 21, 2025

CVE-2020-1147

CVE-2020-1147

Description

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
Microsoft.NETCore.AppNuGet
>= 2.1.0, < 2.1.202.1.20
Microsoft.NETCore.App.Runtime.linux-armNuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.linux-arm64NuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.linux-musl-arm64NuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.linux-musl-x64NuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.linux-x64NuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.osx-x64NuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.rhel.6-x64NuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.win-armNuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.win-arm64NuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.win-x64NuGet
>= 3.1.0, < 3.1.63.1.6
Microsoft.NETCore.App.Runtime.win-x86NuGet
>= 3.1.0, < 3.1.63.1.6

Affected products

80
  • ghsa-coords12 versions
    >= 2.1.0, < 2.1.20+ 11 more
    • (no CPE)range: >= 2.1.0, < 2.1.20
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
    • (no CPE)range: >= 3.1.0, < 3.1.6
  • Microsoft/.net Frameworkcpe-rescue7 versions
    Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2+ 6 more
    • (no CPE)range: Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2
    • (no CPE)range: Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2
    • (no CPE)range: Windows 8.1 for 32-bit systems
    • (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
    • (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
    • (no CPE)range: Windows Server 2008 for 32-bit Systems Service Pack 2
    • (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2 on Windows 10 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2 on Windows 10 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for ARM64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for ARM64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server, version 1803 (Server Core Installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for ARM64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for ARM64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 2004 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 2004 for ARM64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 2004 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1903 (Server Core installation)v5
    Range: 1903
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1909 (Server Core installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 2004 (Server Core installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for 32-bit Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for x64-based Systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systemsv5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows RT 8.1v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows Server 2012v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows Server 2012 R2v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows Server 2016v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation)v5
    Range: unspecified
  • Microsoft/Microsoft .NET Framework 4.8 on Windows Server, version 1803 (Server Core Installation)v5
    Range: unspecified
  • Microsoft/Sharepoint Servercpe-rescue2 versions
    2016+ 1 more
    • (no CPE)range: 2016
    • (no CPE)range: 2019
  • Microsoft/Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)v5
    Range: unspecified
  • Microsoft/Microsoft Visual Studio 2019v5
    Range: 16.0
  • Microsoft/Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)v5
    Range: unspecified
  • Microsoft/Microsoft Visual Studio 2019 version 16.6 (includes 16.0 - 16.5)v5
    Range: unspecified
  • Range: 2.1

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.