INFSA-2025:7599: .NET 8.0 security update
Information about definition
Identificator: INFSA-2025:7599
Type: security
Release date: 2025-07-15 19:41:58 UTC
Information about package
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.116 and .NET Runtime 8.0.16.
Vulnerabilities description
- CVE-2025-26646
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-26646
|
no information | 8.0 | no information |
Updated packages