RLSA-2025:7589

Опубликовано: 29 июл. 2025

Источник: rocky

Оценка: Important

Описание

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.116 and .NET Runtime 8.0.16.Security Fix(es):

dotnet: .NET and Visual Studio Spoofing Vulnerability (CVE-2025-26646)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Связанные CVE

CVE-2025-26646

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2365317
Red Hat - 2365317

Связанные уязвимости

CVE-2025-26646

CVSS3: 8

ubuntu

3 месяца назад

External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.

CVE-2025-26646

CVSS3: 8

redhat

3 месяца назад

External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.

CVE-2025-26646

CVSS3: 8

nvd

3 месяца назад

External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.

CVE-2025-26646

CVSS3: 8

msrc

3 месяца назад

.NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability

RLSA-2025:7571

rocky

9 дней назад

Important: .NET 9.0 security update