USN-7822-1
- Source
- https://ubuntu.com/security/notices/USN-7822-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7822-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-7822-1
- Upstream
- Related
- Published
- 2025-10-16T15:11:14.134787Z
- Modified
- 2025-10-20T10:32:13.797333Z
- Summary
- dotnet8, dotnet9, dotnet10 vulnerabilities
- Details
-
It was discovered that .NET did not properly handle the creation of temporary build time directories. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-55247)
It was discovered that .NET did not properly establish TLS sessions for SMTP server connections. An attacker could use this issue to cause .NET to use unencrypted connections. This issue only affects .NET versions 8.0 and 9.0. (CVE-2025-55248)
It was discovered that .NET inconsistently interpreted certain http requests. An attacker could possibly use this to bypass a security feature over a network. (CVE-2025-55315)
- References
Affected packages
Ubuntu:22.04:LTS
dotnet8
Package
- Name
- dotnet8
- Purl
- pkg:deb/ubuntu/dotnet8@8.0.121-8.0.21-0ubuntu1~22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.0.121-8.0.21-0ubuntu1~22.04.1
Affected versions
8.*
8.0.102-8.0.2-0ubuntu1~22.04.1
8.0.103-8.0.3-0ubuntu1~22.04.1
8.0.103-8.0.3-0ubuntu1~22.04.2
8.0.105-8.0.5-0ubuntu1~22.04.1
8.0.107-8.0.7-0ubuntu1~22.04.1
8.0.108-8.0.8-0ubuntu1~22.04.1
8.0.110-8.0.10-0ubuntu1~22.04.1
8.0.111-8.0.11-0ubuntu1~22.04.1
8.0.112-8.0.12-0ubuntu1~22.04.1
8.0.114-8.0.14-0ubuntu1~22.04.1
8.0.115-8.0.15-0ubuntu1~22.04.1
8.0.116-8.0.16-0ubuntu1~22.04.1
8.0.117-8.0.17-0ubuntu1~22.04.1
8.0.118-8.0.18-0ubuntu1~22.04.1
8.0.119-8.0.19-0ubuntu1~22.04.1
8.0.120-8.0.20-0ubuntu1~22.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-8.0",
"binary_version": "8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-8.0",
"binary_version": "8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "aspnetcore-targeting-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-apphost-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-host-8.0",
"binary_version": "8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-hostfxr-8.0",
"binary_version": "8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-runtime-8.0",
"binary_version": "8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-runtime-dbg-8.0",
"binary_version": "8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-sdk-8.0",
"binary_version": "8.0.121-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-sdk-8.0-source-built-artifacts",
"binary_version": "8.0.121-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-sdk-dbg-8.0",
"binary_version": "8.0.121-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-targeting-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-templates-8.0",
"binary_version": "8.0.121-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet8",
"binary_version": "8.0.121-8.0.21-0ubuntu1~22.04.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-8.0",
"binary_version": "8.0.121-0ubuntu1~22.04.1"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:22.04:LTS",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55247"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55248"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55315"
}
]
}
Ubuntu:24.04:LTS
dotnet8
Package
- Name
- dotnet8
- Purl
- pkg:deb/ubuntu/dotnet8@8.0.121-8.0.21-0ubuntu1~24.04.1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.0.121-8.0.21-0ubuntu1~24.04.1
Affected versions
8.*
8.0.100-8.0.0~rc1-0ubuntu1
8.0.100-8.0.0~rc2-0ubuntu1
8.0.100-8.0.0~rc2-0ubuntu2
8.0.100-8.0.0-0ubuntu1
8.0.100-8.0.0-0ubuntu2
8.0.101-8.0.1-0ubuntu1
8.0.101-8.0.1-0ubuntu2
8.0.102-8.0.2-0ubuntu1
8.0.103-8.0.3-0ubuntu2
8.0.103-8.0.3-0ubuntu3
8.0.104-8.0.4-0ubuntu1
8.0.105-8.0.5-0ubuntu1~24.04.1
8.0.107-8.0.7-0ubuntu1~24.04.1
8.0.108-8.0.8-0ubuntu1~24.04.1
8.0.108-8.0.8-0ubuntu1~24.04.2
8.0.110-8.0.10-0ubuntu1~24.04.1
8.0.111-8.0.11-0ubuntu1~24.04.1
8.0.112-8.0.12-0ubuntu1~24.04.1
8.0.114-8.0.14-0ubuntu1~24.04.1
8.0.115-8.0.15-0ubuntu1~24.04.1
8.0.116-8.0.16-0ubuntu1~24.04.1
8.0.117-8.0.17-0ubuntu1~24.04.1
8.0.118-8.0.18-0ubuntu1~24.04.1
8.0.119-8.0.19-0ubuntu1~24.04.1
8.0.120-8.0.20-0ubuntu1~24.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-8.0",
"binary_version": "8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-8.0",
"binary_version": "8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "aspnetcore-targeting-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-apphost-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-host-8.0",
"binary_version": "8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-hostfxr-8.0",
"binary_version": "8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-runtime-8.0",
"binary_version": "8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-runtime-dbg-8.0",
"binary_version": "8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-8.0",
"binary_version": "8.0.121-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-8.0-source-built-artifacts",
"binary_version": "8.0.121-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-dbg-8.0",
"binary_version": "8.0.121-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-targeting-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-templates-8.0",
"binary_version": "8.0.121-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet8",
"binary_version": "8.0.121-8.0.21-0ubuntu1~24.04.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-8.0",
"binary_version": "8.0.121-0ubuntu1~24.04.1"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:24.04:LTS",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55247"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55248"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55315"
}
]
}
Ubuntu:25.04
dotnet8
Package
- Name
- dotnet8
- Purl
- pkg:deb/ubuntu/dotnet8@8.0.121-8.0.21-0ubuntu1~25.04.1?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.0.121-8.0.21-0ubuntu1~25.04.1
Affected versions
8.*
8.0.110-8.0.10-0ubuntu1
8.0.111-8.0.11-0ubuntu1
8.0.111-8.0.11-0ubuntu2
8.0.111-8.0.11-0ubuntu3
8.0.112-8.0.12-0ubuntu1
8.0.113-8.0.13-0ubuntu1
8.0.113-8.0.13-0ubuntu2
8.0.114-8.0.14-0ubuntu1
8.0.115-8.0.15-0ubuntu1
8.0.116-8.0.16-0ubuntu1~25.04.1
8.0.117-8.0.17-0ubuntu1~25.04.1
8.0.118-8.0.18-0ubuntu1~25.04.1
8.0.119-8.0.19-0ubuntu1~25.04.1
8.0.120-8.0.20-0ubuntu1~25.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-8.0",
"binary_version": "8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-8.0",
"binary_version": "8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "aspnetcore-targeting-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-apphost-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-host-8.0",
"binary_version": "8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-hostfxr-8.0",
"binary_version": "8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-runtime-8.0",
"binary_version": "8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-runtime-dbg-8.0",
"binary_version": "8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-sdk-8.0",
"binary_version": "8.0.121-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-sdk-8.0-source-built-artifacts",
"binary_version": "8.0.121-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-sdk-dbg-8.0",
"binary_version": "8.0.121-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-targeting-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-templates-8.0",
"binary_version": "8.0.121-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet8",
"binary_version": "8.0.121-8.0.21-0ubuntu1~25.04.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-8.0",
"binary_version": "8.0.121-0ubuntu1~25.04.1"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:25.04",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55247"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55248"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55315"
}
]
}
dotnet9
Package
- Name
- dotnet9
- Purl
- pkg:deb/ubuntu/dotnet9@9.0.111-9.0.10-0ubuntu1~25.04.1?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.0.111-9.0.10-0ubuntu1~25.04.1
Affected versions
9.*
9.0.100-9.0.0~rc2-0ubuntu1
9.0.100-9.0.0-0ubuntu1
9.0.101-9.0.0-0ubuntu1
9.0.101-9.0.0-0ubuntu2
9.0.102-9.0.1-0ubuntu1
9.0.103-9.0.2-0ubuntu1
9.0.103-9.0.2-0ubuntu2
9.0.104-9.0.3-0ubuntu1
9.0.105-9.0.4-0ubuntu1
9.0.106-9.0.5-0ubuntu1~25.04.1
9.0.107-9.0.6-0ubuntu1~25.04.1
9.0.108-9.0.7-0ubuntu1~25.04.1
9.0.109-9.0.8-0ubuntu1~25.04.1
9.0.110-9.0.9-0ubuntu1~25.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-9.0",
"binary_version": "9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-9.0",
"binary_version": "9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "aspnetcore-targeting-pack-9.0",
"binary_version": "9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-apphost-pack-9.0",
"binary_version": "9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-host-9.0",
"binary_version": "9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-hostfxr-9.0",
"binary_version": "9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-runtime-9.0",
"binary_version": "9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-runtime-dbg-9.0",
"binary_version": "9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-sdk-9.0",
"binary_version": "9.0.111-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-sdk-9.0-source-built-artifacts",
"binary_version": "9.0.111-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-sdk-aot-9.0",
"binary_version": "9.0.111-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-sdk-dbg-9.0",
"binary_version": "9.0.111-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-targeting-pack-9.0",
"binary_version": "9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet-templates-9.0",
"binary_version": "9.0.111-0ubuntu1~25.04.1"
},
{
"binary_name": "dotnet9",
"binary_version": "9.0.111-9.0.10-0ubuntu1~25.04.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-9.0",
"binary_version": "9.0.111-0ubuntu1~25.04.1"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:25.04",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55247"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55248"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55315"
}
]
}
Ubuntu:25.10
dotnet10
Package
- Name
- dotnet10
- Purl
- pkg:deb/ubuntu/dotnet10@10.0.100-10.0.0~rc2-0ubuntu1~25.10.2?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.0.100-10.0.0~rc2-0ubuntu1~25.10.2
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-10.0",
"binary_version": "10.0.0~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "aspnetcore-runtime-dbg-10.0",
"binary_version": "10.0.0~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "aspnetcore-targeting-pack-10.0",
"binary_version": "10.0.0~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-apphost-pack-10.0",
"binary_version": "10.0.0~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-host-10.0",
"binary_version": "10.0.0~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-hostfxr-10.0",
"binary_version": "10.0.0~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-runtime-10.0",
"binary_version": "10.0.0~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-runtime-dbg-10.0",
"binary_version": "10.0.0~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-sdk-10.0",
"binary_version": "10.0.100~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-sdk-10.0-source-built-artifacts",
"binary_version": "10.0.100~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-sdk-aot-10.0",
"binary_version": "10.0.100~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-sdk-dbg-10.0",
"binary_version": "10.0.100~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-targeting-pack-10.0",
"binary_version": "10.0.0~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet-templates-10.0",
"binary_version": "10.0.100~rc2-0ubuntu1~25.10.2"
},
{
"binary_name": "dotnet10",
"binary_version": "10.0.100-10.0.0~rc2-0ubuntu1~25.10.2"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:25.10",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55247"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55248"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55315"
}
]
}
dotnet8
Package
- Name
- dotnet8
- Purl
- pkg:deb/ubuntu/dotnet8@8.0.121-8.0.21-0ubuntu1~25.10.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.0.121-8.0.21-0ubuntu1~25.10.1
Affected versions
8.*
8.0.115-8.0.15-0ubuntu1
8.0.116-8.0.16-0ubuntu1
8.0.117-8.0.17-0ubuntu1
8.0.118-8.0.18-0ubuntu1
8.0.119-8.0.19-0ubuntu1
8.0.120-8.0.20-0ubuntu1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-8.0",
"binary_version": "8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-8.0",
"binary_version": "8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-targeting-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-apphost-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-host-8.0",
"binary_version": "8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-hostfxr-8.0",
"binary_version": "8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-8.0",
"binary_version": "8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-dbg-8.0",
"binary_version": "8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-8.0",
"binary_version": "8.0.121-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-8.0-source-built-artifacts",
"binary_version": "8.0.121-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-dbg-8.0",
"binary_version": "8.0.121-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-targeting-pack-8.0",
"binary_version": "8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-templates-8.0",
"binary_version": "8.0.121-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet8",
"binary_version": "8.0.121-8.0.21-0ubuntu1~25.10.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-8.0",
"binary_version": "8.0.121-0ubuntu1~25.10.1"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:25.10",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55247"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55248"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55315"
}
]
}
dotnet9
Package
- Name
- dotnet9
- Purl
- pkg:deb/ubuntu/dotnet9@9.0.111-9.0.10-0ubuntu1~25.10.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.0.111-9.0.10-0ubuntu1~25.10.1
Affected versions
9.*
9.0.105-9.0.4-0ubuntu1
9.0.106-9.0.5-0ubuntu1
9.0.107-9.0.6-0ubuntu1
9.0.108-9.0.7-0ubuntu1
9.0.109-9.0.8-0ubuntu1
9.0.110-9.0.9-0ubuntu1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-9.0",
"binary_version": "9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-9.0",
"binary_version": "9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-targeting-pack-9.0",
"binary_version": "9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-apphost-pack-9.0",
"binary_version": "9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-host-9.0",
"binary_version": "9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-hostfxr-9.0",
"binary_version": "9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-9.0",
"binary_version": "9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-dbg-9.0",
"binary_version": "9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-9.0",
"binary_version": "9.0.111-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-9.0-source-built-artifacts",
"binary_version": "9.0.111-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-aot-9.0",
"binary_version": "9.0.111-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-dbg-9.0",
"binary_version": "9.0.111-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-targeting-pack-9.0",
"binary_version": "9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-templates-9.0",
"binary_version": "9.0.111-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet9",
"binary_version": "9.0.111-9.0.10-0ubuntu1~25.10.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-9.0",
"binary_version": "9.0.111-0ubuntu1~25.10.1"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:25.10",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55247"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55248"
},
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-55315"
}
]
}