[SECURITY] Fedora 42 Update: dotnet9.0-9.0.111-1.fc42

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

[SECURITY] Fedora 43 Update: dotnet9.0-9.0.111-1.fc43

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

.NET 9.0 security update

An update is available for dotnet9.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

Oracle Linux 8 : .NET / 9.0 (ELSA-2025-18150)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18150 advisory. 9.0.111-1.0.1 - Add support for Oracle Linux 9.0.111-1 - Update to .NET SDK 9.0.111 and Runtime 9.0.10 - Resolves: RHEL-116856 Tenable has extracted t...

Oracle Linux 9 : .NET / 8.0 (ELSA-2025-18149)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18149 advisory. 8.0.121-1.0.1 - Add support for Oracle Linux 8.0.121-1 - Update to .NET SDK 8.0.121 and Runtime 8.0.21 - Resolves: RHEL-116866 Tenable has extracted t...

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...

.NET 9.0 security update

An update is available for dotnet9.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

.NET 8.0 security update

An update is available for dotnet8.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

.NET 8.0 security update

An update is available for dotnet8.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

Important Photon OS Security Update - PHSA-2025-5.0-0535

Updates of 'dotnet-runtime' packages of Photon OS have been released...

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path. An attacker can achieve remote code execution by planting malicious files on the victim's system, with knowledge of where they should be placed, then tricking a user to run these files. Remediation Upgrade...

dotnet: .NET Remote Code Vulnerability

A remote code execution vulnerability in .NET 8.0 and 9.0. An attacker who can place malicious files in specific locations may trigger unintended code execution when the .NET runtime loads these files...

Critical Photon OS Security Update - PHSA-2025-4.0-0804

Updates of 'dotnet-runtime', 'rubygem-jmespath', 'rubygem-kubeclient', 'dotnet-sdk' packages of Photon OS have been released...

Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Summary LibTIFF is used by IBM Robotic Process Automation for Cloud Pak as part of the .NET Core and Watson NLP CVE-2022-48281, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, . ncurses is used by IBM Robotic Process Automation for Cloud Pak as part of base container...

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue - GitHub Issue - Security Advisory...

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-arm64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue - GitHub Issue - Security Advisory...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-x64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow. An attacker can execute arbitrary code by sending malicious requests designed to exploit the vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-arm64 to version 9.0.1 or higher. References -...

Malicious code in vscode-dotnet-runtime (npm)

--- -= Per source details. Do not edit below this line.=-...