apk package
chainguard/dotnet-9-sdk
pkg:apk/chainguard/dotnet-9-sdk
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-33116 | Hig | 7.5 | < 9.0.116-r0 | 9.0.116-r0 | Apr 14, 2026 | Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network. | |
| CVE-2026-26171 | Hig | 7.5 | < 9.0.116-r0 | 9.0.116-r0 | Apr 14, 2026 | Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network. | |
| CVE-2025-55315 | — | < 9.0.111-r0 | 9.0.111-r0 | Oct 14, 2025 | Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network. | ||
| CVE-2025-26646 | — | < 0 | 0 | May 13, 2025 | External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. | ||
| CVE-2024-43498 | — | < 9.0.2-r0 | 9.0.2-r0 | Nov 12, 2024 | .NET and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2024-43499 | — | < 9.0.2-r0 | 9.0.2-r0 | Nov 12, 2024 | .NET and Visual Studio Denial of Service Vulnerability |
- affected < 9.0.116-r0fixed 9.0.116-r0
Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.
- affected < 9.0.116-r0fixed 9.0.116-r0
Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.
- CVE-2025-55315Oct 14, 2025affected < 9.0.111-r0fixed 9.0.111-r0
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
- CVE-2025-26646May 13, 2025affected < 0fixed 0
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
- CVE-2024-43498Nov 12, 2024affected < 9.0.2-r0fixed 9.0.2-r0
.NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2024-43499Nov 12, 2024affected < 9.0.2-r0fixed 9.0.2-r0
.NET and Visual Studio Denial of Service Vulnerability