VYPR

rpm package

almalinux/dotnet-sdk-9.0-source-built-artifacts

pkg:rpm/almalinux/dotnet-sdk-9.0-source-built-artifacts

Vulnerabilities (18)

  • CVE-2026-33116HigApr 14, 2026
    affected < 9.0.116-1.el10_1fixed 9.0.116-1.el10_1

    Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.

  • CVE-2026-32203HigApr 14, 2026
    affected < 9.0.116-1.el10_1fixed 9.0.116-1.el10_1

    Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.

  • CVE-2026-32178HigApr 14, 2026
    affected < 9.0.116-1.el10_1fixed 9.0.116-1.el10_1

    Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-26171HigApr 14, 2026
    affected < 9.0.116-1.el10_1fixed 9.0.116-1.el10_1

    Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.

  • CVE-2026-26130HigMar 10, 2026
    affected < 9.0.115-1.el8_10fixed 9.0.115-1.el8_10

    Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

  • CVE-2026-26127HigMar 10, 2026
    affected < 9.0.115-1.el8_10fixed 9.0.115-1.el8_10

    Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.

  • CVE-2025-55248Oct 14, 2025
    affected < 9.0.111-1.el8_10fixed 9.0.111-1.el8_10

    Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.

  • CVE-2025-55315Oct 14, 2025
    affected < 9.0.111-1.el8_10fixed 9.0.111-1.el8_10

    Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

  • CVE-2025-55247Oct 14, 2025
    affected < 9.0.111-1.el8_10fixed 9.0.111-1.el8_10

    Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.

  • CVE-2025-30399Jun 13, 2025
    affected < 9.0.107-1.el8_10fixed 9.0.107-1.el8_10

    Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.

  • CVE-2025-26646May 13, 2025
    affected < 9.0.106-1.el8_10fixed 9.0.106-1.el8_10

    External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.

  • CVE-2025-24070Mar 11, 2025
    affected < 9.0.104-1.el8_10fixed 9.0.104-1.el8_10

    Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2025-21172Jan 14, 2025
    affected < 9.0.102-1.el8_10fixed 9.0.102-1.el8_10

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2025-21173Jan 14, 2025
    affected < 9.0.102-1.el8_10fixed 9.0.102-1.el8_10

    .NET Elevation of Privilege Vulnerability

  • CVE-2025-21176Jan 14, 2025
    affected < 9.0.102-1.el8_10fixed 9.0.102-1.el8_10

    .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

  • CVE-2025-21171Jan 14, 2025
    affected < 9.0.102-1.el8_10fixed 9.0.102-1.el8_10

    .NET Remote Code Execution Vulnerability

  • CVE-2024-43498Nov 12, 2024
    affected < 9.0.100-1.el9_5fixed 9.0.100-1.el9_5

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2024-43499Nov 12, 2024
    affected < 9.0.100-1.el9_5fixed 9.0.100-1.el9_5

    .NET and Visual Studio Denial of Service Vulnerability