Lucene search

K
redhatRedHatRHSA-2023:4057
HistoryJul 13, 2023 - 7:27 a.m.

(RHSA-2023:4057) Important: .NET 7.0 security, bug fix, and enhancement update

2023-07-1307:27:07
access.redhat.com
18
.net framework
managed-software framework
security fix
bug fix
enhancement update
cve-2023-33170
race condition
signinmanager
cvss score
unix
dotnet7.0
sdk 7.0.109
runtime 7.0.9
bz#2219634
upstream version

0.001 Low

EPSS

Percentile

45.7%

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

The following packages have been upgraded to a later upstream version: dotnet7.0 (SDK 7.0.109, Runtime 7.0.9). (BZ#2219634)

Security Fix(es):

  • dotnet: race condition in Core SignInManager<TUser> PasswordSignInAsync method (CVE-2023-33170)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.