Lucene search

K
redhatRedHatRHSA-2023:4059
HistoryJul 13, 2023 - 7:27 a.m.

(RHSA-2023:4059) Important: .NET 6.0 security, bug fix, and enhancement update

2023-07-1307:27:48
access.redhat.com
20
dotnet
security
bug fix
enhancement
cve-2023-33170
race condition
sdk 6.0.120
runtime 6.0.20
bz#2219639
cvss score
acknowledgments
cve page

0.001 Low

EPSS

Percentile

45.7%

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

The following packages have been upgraded to a later upstream version: dotnet6.0 (SDK 6.0.120, Runtime 6.0.20). (BZ#2219639)

Security Fix(es):

  • dotnet: race condition in Core SignInManager<TUser> PasswordSignInAsync method (CVE-2023-33170)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.