Miggo Logo

GHSA-q8g5-rw97-f55h: Duplicate Advisory: Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability

7.3

CVSS Score
3.1

Basic Information

CVE ID
-
EPSS Score
-
Published
10/14/2025
Updated
10/15/2025
KEV Status
No
Technology
TechnologyC#

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
Microsoft.Build.Tasks.Corenuget= 17.15.0-preview-25277-11418.0.0-preview-25476-107

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

I have determined that the initial vulnerability advisory GHSA-q8g5-rw97-f55h is a duplicate of GHSA-w3q9-fxm7-j8fq. My initial attempts to find information on GHSA-w3q9-fxm7-j8fq and the associated CVE CVE-2025-55247 (which appears to be a placeholder) were unsuccessful. The provided information does not contain any links to source code, commits, or pull requests that would allow me to perform a detailed analysis of the code changes and identify the specific vulnerable functions. Without access to the security patches, I cannot determine the exact functions that were modified to address the "Improper Link Resolution Before File Access" vulnerability. Therefore, I cannot confidently provide the names of the vulnerable functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### *upli**t* **visory T*is **visory **s ***n wit**r*wn ****us* it is * *upli**t* o* **S*-w*q*-*xm*-j**q. T*is link is m*int*in** to pr*s*rv* *xt*rn*l r***r*n**s. ### Ori*in*l **s*ription Improp*r link r*solution ***or* *il* ****ss ('link *ollowin*'

Reasoning

I **v* **t*rmin** t**t t** initi*l vuln*r**ility **visory `**S*-q***-rw**-****` is * *upli**t* o* `**S*-w*q*-*xm*-j**q`. My initi*l *tt*mpts to *in* in*orm*tion on `**S*-w*q*-*xm*-j**q` *n* t** *sso*i*t** *V* `*V*-****-*****` (w*i** *pp**rs to ** * p