vulnerability
Ubuntu: USN-7822-1 (CVE-2025-55247): .NET vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:S/C:C/I:C/A:C) | Oct 16, 2025 | Oct 21, 2025 | Oct 30, 2025 |
Severity
7
CVSS
(AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published
Oct 16, 2025
Added
Oct 21, 2025
Modified
Oct 30, 2025
Description
It was discovered that .NET did not properly handle the creation of temporary
build time directories. An attacker could possibly use this issue to cause a
denial of service. (CVE-2025-55247)
It was discovered that .NET did not properly establish TLS sessions for
SMTP server connections. An attacker could use this issue to cause .NET
to use unencrypted connections. This issue only affects .NET versions 8.0
and 9.0. (CVE-2025-55248)
It was discovered that .NET inconsistently interpreted certain http
requests. An attacker could possibly use this to bypass a security feature
over a network. (CVE-2025-55315)
Solutions
ubuntu-upgrade-aspnetcore-runtime-10-0ubuntu-upgrade-aspnetcore-runtime-8-0ubuntu-upgrade-aspnetcore-runtime-9-0ubuntu-upgrade-dotnet-host-10-0ubuntu-upgrade-dotnet-host-8-0ubuntu-upgrade-dotnet-host-9-0ubuntu-upgrade-dotnet-hostfxr-10-0ubuntu-upgrade-dotnet-hostfxr-8-0ubuntu-upgrade-dotnet-hostfxr-9-0ubuntu-upgrade-dotnet-runtime-10-0ubuntu-upgrade-dotnet-runtime-8-0ubuntu-upgrade-dotnet-runtime-9-0ubuntu-upgrade-dotnet-sdk-10-0ubuntu-upgrade-dotnet-sdk-8-0ubuntu-upgrade-dotnet-sdk-9-0ubuntu-upgrade-dotnet-sdk-aot-10-0ubuntu-upgrade-dotnet-sdk-aot-9-0ubuntu-upgrade-dotnet10ubuntu-upgrade-dotnet8ubuntu-upgrade-dotnet9
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.