USN-8025-2: .NET vulnerability

USN 8025-1 fixed a vulnerability in .NET. This update provides the corresponding fix for Ubuntu 24.04 LTS. Original advisory details: Kevin Jones discovered that the System.Security.Cryptography.Cose component in .NET did not properly handle certain missing special elements in input data. An...

Ubuntu 22.04 LTS / 25.10 : .NET vulnerability (USN-8025-1)

The remote Ubuntu 22.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8025-1 advisory. Kevin Jones discovered that the System.Security.Cryptography.Cose component in .NET did not properly handle certain missing special elements in input data...

USN-8025-1: .NET vulnerability

Kevin Jones discovered that the System.Security.Cryptography.Cose component in .NET did not properly handle certain missing special elements in input data. An attacker could possibly use this issue to bypass security checks and gain unauthorized access or perform data manipulation...

GHSA-QVHC-9V3J-5RFW Microsoft Security Advisory CVE-2026-21218 | .NET Security Feature Bypass Vulnerability

Microsoft Security Advisory CVE-2026-21218 | .NET Security Feature Bypass Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do...

dotnet: Multiple .NET components susceptible to hash flooding

A flaw was found in dotnet. The System.Security.Cryptography.Cose, System.IO.Packaging and System.Runtime.Caching components may be exposed to hostile input, making them susceptible to hash flooding attacks, resulting in denial of service...

dotnet: Multiple .NET components susceptible to hash flooding

A flaw was found in dotnet. The System.Security.Cryptography.Cose, System.IO.Packaging and System.Runtime.Caching components may be exposed to hostile input, making them susceptible to hash flooding attacks, resulting in denial of service...