-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe provided vulnerability information and references do not contain concrete code examples, patch diffs, or explicit function names related to the CVE-2023-36566 fix. While the CWE-20 (Improper Input Validation) and DoS nature suggest potential functions involved in entity resolution, manifest parsing, or reference handling might be implicated, there is no direct evidence in the provided materials to identify specific function names, file paths, or patch changes. Without access to the actual security patches or code modifications between vulnerable and patched versions, we cannot confidently map the vulnerability to precise runtime-detectable functions.
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| Microsoft.CommonDataModel.ObjectModel | nuget | < 1.7.4 | 1.7.4 |
| com.microsoft.commondatamodel:objectmodel | maven | < 1.7.4 | 1.7.4 |
| commondatamodel-objectmodel | pip | < 1.7.4 | 1.7.4 |