CVE-2025-55248

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-55248

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-55248.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-55248

Aliases

Downstream

BELL-CVE-2025-55248

MINI-j363-w363-g7p7

MINI-wgrc-fq87-r79f

RHSA-2025:18148

RHSA-2025:18149

RHSA-2025:18150

RHSA-2025:18151

RHSA-2025:18152

RHSA-2025:18153

RHSA-2025:18256

RLSA-2025:18148

RLSA-2025:18149

RLSA-2025:18150

RLSA-2025:18151

RLSA-2025:18152

RLSA-2025:18153

UBUNTU-CVE-2025-55248

USN-7822-1

Related

Published

2025-10-14T17:15:44Z

Modified

2025-10-25T04:13:20.819371Z

Severity

5.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55248

Affected packages

Git / github.com/dotnet/core

Affected ranges

Type: GIT
Repo: https://github.com/dotnet/core
Events: Introduced

d78b3180414d35d6c7d136db753474e2ae2b33df

Fixed

7bb301d3548818d11991553716a02092372d8e2d

Affected versions

v10.*

v10.0.0-preview.1

v10.0.0-preview.2

v10.0.0-preview.3

v10.0.0-preview.4

v10.0.0-preview.5

v10.0.0-preview.6

v10.0.0-preview.7

v10.0.0-rc.1

v6.*

v6.0.25

v6.0.26

v6.0.27

v6.0.28

v6.0.29

v6.0.30

v6.0.31

v6.0.32

v6.0.33

v6.0.35

v6.0.36

v7.*

v7.0.14

v7.0.15

v7.0.16

v7.0.17

v7.0.18

v7.0.19

v7.0.20

v8.*

v8.0.0

v8.0.1

v8.0.10

v8.0.11

v8.0.12

v8.0.13

v8.0.14

v8.0.15

v8.0.16

v8.0.17

v8.0.18

v8.0.19

v8.0.2

v8.0.20

v8.0.3

v8.0.4

v8.0.5

v8.0.6

v8.0.7

v8.0.8

v9.*

v9.0.0

v9.0.0-preview.1

v9.0.0-preview.2

v9.0.0-preview.3

v9.0.0-preview.4

v9.0.0-preview.5

v9.0.0-preview.6

v9.0.0-preview.7

v9.0.0-rc.1

v9.0.0-rc.2

v9.0.1

v9.0.2

v9.0.3

v9.0.4

v9.0.5

v9.0.6

v9.0.7

v9.0.8

v9.0.9