VDB
RHSA-2023%3A4643
RHSA-2023%3A4643
PUBLISHED
CVSS 7.800000190734863 HIGH
Red Hat Security Advisory: .NET 7.0 security, bug fix, and enhancement update
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat:enterprise_linux:8::crb | dotnet7.0-debugsource | 0, 0 |
| Red Hat:enterprise_linux:8::crb | dotnet-runtime-7.0-debuginfo | 0, 0 |
| Red Hat:enterprise_linux:8::crb | dotnet-apphost-pack-7.0 | 0, 0 |
| Red Hat:enterprise_linux:8::appstream | aspnetcore-runtime-7.0 | 0, 0 |
| Red Hat:enterprise_linux:8::appstream | dotnet-templates-7.0 | 0, 0 |
| Red Hat:enterprise_linux:8::crb | dotnet-hostfxr-7.0 | 0, 0 |
| Red Hat:enterprise_linux:8::appstream | dotnet-hostfxr-7.0 | 0, 0 |
| Red Hat:enterprise_linux:8::crb | aspnetcore-runtime-7.0 | 0, 0 |
| Red Hat:enterprise_linux:8::crb | dotnet-host-debuginfo | 0, 0 |
| Red Hat:enterprise_linux:8::appstream | dotnet-sdk-7.0-source-built-artifacts | 0, 0 |
| Red Hat:enterprise_linux:8::crb | dotnet-sdk-7.0-debuginfo | 0, 0 |
| Red Hat:enterprise_linux:8::crb | dotnet-targeting-pack-7.0 | 0, 0 |
| Red Hat:enterprise_linux:8::appstream | dotnet-host | 0, 0 |
| Red Hat:enterprise_linux:8::crb | dotnet-sdk-7.0 | 0, 0 |
| Red Hat:enterprise_linux:8::appstream | dotnet-host-debuginfo | 0, 0 |
| Red Hat:enterprise_linux:8::appstream | dotnet-apphost-pack-7.0-debuginfo | 0, 0 |
| Red Hat:enterprise_linux:8::crb | dotnet-templates-7.0 | 0, 0 |
| Red Hat:enterprise_linux:8::crb | netstandard-targeting-pack-2.1 | 0, 0 |
| Red Hat:enterprise_linux:8::crb | dotnet-apphost-pack-7.0-debuginfo | 0, 0 |
| Red Hat:enterprise_linux:8::appstream | dotnet | 0, 0 |
…and 20 more
Timeline
- Aug 14, 2023 CVE Published
- Nov 21, 2025 CVE Updated
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2023:4643 advisory
- https://access.redhat.com/security/updates/classification/#important article
- https://bugzilla.redhat.com/show_bug.cgi?id=2228621 report
- https://bugzilla.redhat.com/show_bug.cgi?id=2228622 report
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4643.json advisory
- https://access.redhat.com/security/cve/CVE-2023-35390 report
- https://www.cve.org/CVERecord?id=CVE-2023-35390 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-35390 advisory
- https://devblogs.microsoft.com/dotnet/august-2023-updates/ article
- https://github.com/advisories/GHSA-p8rx-fwgq-rh2f advisory
- https://github.com/dotnet/announcements/issues/266 article
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35390 article
- https://access.redhat.com/security/cve/CVE-2023-38180 report
- https://www.cve.org/CVERecord?id=CVE-2023-38180 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-38180 advisory
- https://github.com/advisories/GHSA-vmch-3w2x-vhgq advisory
- https://github.com/dotnet/announcements/issues/269 article
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180 article
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog article