apk package
chainguard/dotnet-bootstrap-9
pkg:apk/chainguard/dotnet-bootstrap-9
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-26130 | Hig | 7.5 | < 9.0.115-r0 | 9.0.115-r0 | Mar 10, 2026 | Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. | |
| CVE-2026-26127 | Hig | 7.5 | < 9.0.115-r0 | 9.0.115-r0 | Mar 10, 2026 | Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. | |
| CVE-2025-55248 | — | < 9.0.112-r0 | 9.0.112-r0 | Oct 14, 2025 | Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network. | ||
| CVE-2025-55315 | — | < 9.0.112-r0 | 9.0.112-r0 | Oct 14, 2025 | Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network. | ||
| CVE-2025-30399 | — | < 9.0.109-r0 | 9.0.109-r0 | Jun 13, 2025 | Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. | ||
| CVE-2025-21172 | — | < 9.0.200-r0 | 9.0.200-r0 | Jan 14, 2025 | .NET and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2025-21173 | — | < 9.0.200-r0 | 9.0.200-r0 | Jan 14, 2025 | .NET Elevation of Privilege Vulnerability | ||
| CVE-2025-21176 | — | < 9.0.200-r0 | 9.0.200-r0 | Jan 14, 2025 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2025-21171 | — | < 9.0.200-r0 | 9.0.200-r0 | Jan 14, 2025 | .NET Remote Code Execution Vulnerability | ||
| CVE-2024-43498 | — | < 9.0.200-r0 | 9.0.200-r0 | Nov 12, 2024 | .NET and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2024-43499 | — | < 9.0.200-r0 | 9.0.200-r0 | Nov 12, 2024 | .NET and Visual Studio Denial of Service Vulnerability |
- affected < 9.0.115-r0fixed 9.0.115-r0
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
- affected < 9.0.115-r0fixed 9.0.115-r0
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
- CVE-2025-55248Oct 14, 2025affected < 9.0.112-r0fixed 9.0.112-r0
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
- CVE-2025-55315Oct 14, 2025affected < 9.0.112-r0fixed 9.0.112-r0
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
- CVE-2025-30399Jun 13, 2025affected < 9.0.109-r0fixed 9.0.109-r0
Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.
- CVE-2025-21172Jan 14, 2025affected < 9.0.200-r0fixed 9.0.200-r0
.NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2025-21173Jan 14, 2025affected < 9.0.200-r0fixed 9.0.200-r0
.NET Elevation of Privilege Vulnerability
- CVE-2025-21176Jan 14, 2025affected < 9.0.200-r0fixed 9.0.200-r0
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
- CVE-2025-21171Jan 14, 2025affected < 9.0.200-r0fixed 9.0.200-r0
.NET Remote Code Execution Vulnerability
- CVE-2024-43498Nov 12, 2024affected < 9.0.200-r0fixed 9.0.200-r0
.NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2024-43499Nov 12, 2024affected < 9.0.200-r0fixed 9.0.200-r0
.NET and Visual Studio Denial of Service Vulnerability