BIT-dotnet-sdk-2026-32175

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/dotnet-sdk/BIT-dotnet-sdk-2026-32175.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-dotnet-sdk-2026-32175
Aliases
Published
2026-06-22T05:39:30.937Z
Modified
2026-06-22T08:56:16.361647771Z
Summary
.NET Core Tampering Vulnerability
Details

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories. To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system. The security update fixes the vulnerability by ensuring .NET Core properly handles files.

Database specific
{
    "cpes": [
        "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}
References

Affected packages

Bitnami / dotnet-sdk

Package

Name
dotnet-sdk
Purl
pkg:bitnami/dotnet-sdk

Severity

  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
8.0.0
Fixed
8.0.27
Introduced
9.0.0
Fixed
9.0.16

Database specific

source
"https://github.com/bitnami/vulndb/tree/main/data/dotnet-sdk/BIT-dotnet-sdk-2026-32175.json"