Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/30375?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30375?format=api", "vulnerability_id": "VCID-4zux-cmaa-w3gd", "summary": "Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability\n# Microsoft Security Advisory CVE-2025-26646: .NET Spoofing Vulnerability\n\n## <a name=\"executive-summary\"></a>Executive summary\n\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0.xxx and .NET 8.0.xxx SDK. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.\n\nA vulnerability exists in .NET SDK or MSBuild applications where external control of file name or path allows an unauthorized attacked to perform spoofing over a network.\n\n## Announcement\n\nAnnouncement for this issue can be found at https://github.com/dotnet/announcements/issues/356\n\n### <a name=\"mitigation-factors\"></a>Mitigation factors\n\nProjects which do not utilize the [DownloadFile](https://learn.microsoft.com/visualstudio/msbuild/downloadfile-task) build task are not susceptible to this vulnerability.\n\n## <a name=\"affected-software\"></a>Affected software\n\n* Any installation of .NET 9.0.105 SDK, .NET 9.0.203 SDK or earlier.\n* Any installation of .NET 8.0.115 SDK, .NET 8.0.311 or .NET 8.0.312 SDK, .NET 8.0.408 or .NET 8.0.409 SDK or earlier.\n\n## <a name=\"affected-packages\"></a>Affected Packages\nThe vulnerability affects any Microsoft .NET Core project if it uses any of affected packages versions listed below\n\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[Microsoft.Build.Tasks.Core](https://www.nuget.org/packages/Microsoft.Build.Tasks.Core) |>= 15.8.166, <=15.9.20<br />>=16.0.461, <= 16.11.0<br />>= 17.0.0, <= 17.8.3<br/>>= 17.9.5, <= 17.10.4<br />17.11.4<br />17.12.6 <br />17.13.9 | 15.9.30<br />16.11.6<br />17.8.29<br/>17.10.29<br />17.12.36<br />17.13.26 <br />17.14.8\n\n## Advisory FAQ\n\n### <a name=\"how-affected\"></a>How do I know if I am affected?\n\nIf you have a .NET SDK with a version listed, or an affected package listed in [affected software](#affected-packages) or [affected packages](#affected-software), you're exposed to the vulnerability.\n\n### <a name=\"how-fix\"></a>How do I fix the issue?\n\n1. To fix the issue please install the latest version of .NET 9.0 SDK or .NET 8.0 SDK. If you have installed one or more .NET SDKs through Visual Studio, Visual Studio will prompt you to update Visual Studio, which will also update your .NET SDKs.\n2. If your application references the vulnerable package, update the package reference to the patched version.\n\n* You can list the versions you have installed by running the `dotnet --info` command. You will see output like the following;\n\n```\n.NET SDK:\n Version: 9.0.100\n Commit: 59db016f11\n Workload version: 9.0.100-manifests.3068a692\n MSBuild version: 17.12.7+5b8665660\n\nRuntime Environment:\n OS Name: Mac OS X\n OS Version: 15.2\n OS Platform: Darwin\n RID: osx-arm64\n Base Path: /usr/local/share/dotnet/sdk/9.0.100/\n\n.NET workloads installed:\nThere are no installed workloads to display.\nConfigured to use loose manifests when installing new manifests.\n\nHost:\n Version: 9.0.0\n Architecture: arm64\n Commit: 9d5a6a9aa4\n\n.NET SDKs installed:\n 9.0.100 [/usr/local/share/dotnet/sdk]\n\n.NET runtimes installed:\n Microsoft.AspNetCore.App 9.0.0 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.App]\n Microsoft.NETCore.App 9.0.0 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]\n\nOther architectures found:\n x64 [/usr/local/share/dotnet]\n registered at [/etc/dotnet/install_location_x64]\n\nEnvironment variables:\n Not set\n\nglobal.json file:\n Not found\n\nLearn more:\n https://aka.ms/dotnet/info\n\nDownload .NET:\n https://aka.ms/dotnet/download\n```\n\n* If you're using .NET 9.0, you should download and install the appropriate SDK: `.NET 9.0.300` for Visual Studio 2022 v17.14, `.NET 9.0.204` for v17.13, or `.NET 9.0.106` for v17.12. Download from https://dotnet.microsoft.com/download/dotnet-core/9.0.\n\n* If you're using .NET 8.0, you should download and install the appropriate SDK: `.NET 8.0.410` for Visual Studio 2022 v17.11, `.NET 8.0.313` for v17.10, or `.NET 8.0.116` for v17.8. Download from https://dotnet.microsoft.com/download/dotnet-core/8.0.\n\nOnce you have installed the updated SDK, restart your apps for the update to take effect.\n\n## Other Information\n\n### Reporting Security Issues\n\nIf you have found a potential security issue in .NET 8.0 or .NET 9.0, please email details to secure@microsoft.com. Reports may qualify for the Microsoft .NET Core & .NET 5 Bounty. Details of the Microsoft .NET Bounty Program including terms and conditions are at <https://aka.ms/corebounty>.\n\n### Support\n\nYou can ask questions about this issue on GitHub in the .NET GitHub organization. The main repos are located at https://github.com/dotnet/aspnetcore. The Announcements repo (https://github.com/dotnet/Announcements) will contain this bulletin as an issue and will include a link to a discussion issue. You can ask questions in the linked discussion issue.\n\n### Disclaimer\n\nThe information provided in this advisory is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.", "aliases": [ { "alias": "CVE-2025-26646" }, { "alias": "GHSA-h4j7-5rxr-p4wc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/443765?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/443767?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/543535?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/543536?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/543537?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=loongarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=loongarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/543538?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/543540?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/563923?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/563924?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/563929?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/563930?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/960175?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/960177?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/983981?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/983982?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/443768?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=loongarch64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/443772?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/543539?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/543541?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/543542?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/563925?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/563926?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=loongarch64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/960179?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/960182?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/983978?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/983979?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/983985?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/563927?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/563928?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/960176?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/960178?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/443766?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/443770?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/443771?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/443773?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/543534?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/563931?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/960180?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/960181?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=v3.20&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/983980?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/443769?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/983977?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/983983?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/983984?format=api", "purl": "pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/428446?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=aarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=aarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/428451?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=riscv64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/428452?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=s390x&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=s390x&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/428454?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86_64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/553308?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armhf&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armhf&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/553310?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=loongarch64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567827?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/967542?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=aarch64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=aarch64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/967545?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=loongarch64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/967546?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=ppc64le&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/967549?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/428450?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=ppc64le&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=ppc64le&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/553309?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armv7&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/553315?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86_64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86_64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567825?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armhf&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armhf&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567826?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armv7&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armv7&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567828?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=ppc64le&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567831?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/967543?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armhf&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armhf&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/967550?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/428447?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armhf&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armhf&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/428448?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armv7&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/553311?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=ppc64le&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567824?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567829?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=riscv64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=riscv64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/428449?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=loongarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=loongarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/553312?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=riscv64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/553314?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567832?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86_64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/967548?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=s390x&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=s390x&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/428453?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/553307?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=aarch64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=aarch64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/553313?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=s390x&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=s390x&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567830?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=s390x&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=s390x&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/967544?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armv7&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/967547?format=api", "purl": "pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=riscv64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=riscv64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/71155?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@15.9.30", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@15.9.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/71156?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.11.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.11.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/71157?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.8.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hrdk-wnbt-cyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.8.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/71158?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.10.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hrdk-wnbt-cyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.10.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/71160?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.12.36", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hrdk-wnbt-cyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.12.36" }, { "url": "http://public2.vulnerablecode.io/api/packages/71162?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.13.26", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.13.26" }, { "url": "http://public2.vulnerablecode.io/api/packages/71164?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.14.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hrdk-wnbt-cyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.14.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/68354?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.15.0-preview-25277-114", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hrdk-wnbt-cyes" }, { "vulnerability": "VCID-qqh6-yhjn-27g7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.15.0-preview-25277-114" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/570409?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@15.8.166", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@15.8.166" }, { "url": "http://public2.vulnerablecode.io/api/packages/763766?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@15.9.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@15.9.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/570410?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.0.461", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.0.461" }, { "url": "http://public2.vulnerablecode.io/api/packages/763767?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763768?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763769?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763770?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763771?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763772?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763773?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763774?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763775?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@16.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/570411?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763776?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/763777?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763778?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763779?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/763780?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763781?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/763782?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/763783?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763784?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763785?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/763786?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/763787?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/763788?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/570412?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/763789?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.10.0-preview-24081-01", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.10.0-preview-24081-01" }, { "url": "http://public2.vulnerablecode.io/api/packages/763790?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.10.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/71159?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.11.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.11.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/71161?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.12.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.12.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/71163?format=api", "purl": "pkg:nuget/Microsoft.Build.Tasks.Core@17.13.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.13.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/90567?format=api", "purl": "pkg:rpm/redhat/dotnet8.0@8.0.116-1?arch=el9_4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8.0@8.0.116-1%3Farch=el9_4" }, { "url": "http://public2.vulnerablecode.io/api/packages/90565?format=api", "purl": "pkg:rpm/redhat/dotnet8.0@8.0.116-1?arch=el9_6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8.0@8.0.116-1%3Farch=el9_6" }, { "url": "http://public2.vulnerablecode.io/api/packages/90564?format=api", "purl": "pkg:rpm/redhat/dotnet8.0@8.0.116-1?arch=el10_0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8.0@8.0.116-1%3Farch=el10_0" }, { "url": "http://public2.vulnerablecode.io/api/packages/90566?format=api", "purl": "pkg:rpm/redhat/dotnet8.0@8.0.116-1?arch=el8_10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8.0@8.0.116-1%3Farch=el8_10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076539?format=api", "purl": "pkg:rpm/redhat/dotnet8-0-main@8.0.126-1?arch=hum1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" }, { "vulnerability": "VCID-cc3y-8y5n-v7cq" }, { "vulnerability": "VCID-cju3-5hjk-h3d3" }, { "vulnerability": "VCID-hrdk-wnbt-cyes" }, { "vulnerability": "VCID-hrem-hhst-97en" }, { "vulnerability": "VCID-k3fx-jcj4-jfc6" }, { "vulnerability": "VCID-kd36-kt84-1fcz" }, { "vulnerability": "VCID-u6eh-1bec-n7c2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8-0-main@8.0.126-1%3Farch=hum1" }, { "url": "http://public2.vulnerablecode.io/api/packages/90561?format=api", "purl": "pkg:rpm/redhat/dotnet9.0@9.0.106-1?arch=el10_0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet9.0@9.0.106-1%3Farch=el10_0" }, { "url": "http://public2.vulnerablecode.io/api/packages/90562?format=api", "purl": "pkg:rpm/redhat/dotnet9.0@9.0.106-1?arch=el8_10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet9.0@9.0.106-1%3Farch=el8_10" }, { "url": "http://public2.vulnerablecode.io/api/packages/90563?format=api", "purl": "pkg:rpm/redhat/dotnet9.0@9.0.106-1?arch=el9_6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet9.0@9.0.106-1%3Farch=el9_6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076540?format=api", "purl": "pkg:rpm/redhat/dotnet9-0-main@9.0.116-1?arch=hum1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4zux-cmaa-w3gd" }, { "vulnerability": "VCID-cc3y-8y5n-v7cq" }, { "vulnerability": "VCID-cju3-5hjk-h3d3" }, { "vulnerability": "VCID-hrdk-wnbt-cyes" }, { "vulnerability": "VCID-hrem-hhst-97en" }, { "vulnerability": "VCID-k3fx-jcj4-jfc6" }, { "vulnerability": "VCID-kd36-kt84-1fcz" }, { "vulnerability": "VCID-u6eh-1bec-n7c2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet9-0-main@9.0.116-1%3Farch=hum1" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26646.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26646.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26646", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38355", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38377", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38302", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38276", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38366", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46526", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46564", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46448", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46503", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46507", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46352", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.465", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46489", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46479", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46508", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46561", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46498", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26646" }, { "reference_url": "https://github.com/dotnet/announcements/issues/356", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dotnet/announcements/issues/356" }, { "reference_url": "https://github.com/dotnet/msbuild", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dotnet/msbuild" }, { "reference_url": "https://github.com/dotnet/msbuild/issues/11846", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dotnet/msbuild/issues/11846" }, { "reference_url": "https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646", "reference_id": "", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" }, { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-14T15:57:11Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26646", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26646" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365317", "reference_id": "2365317", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365317" }, { "reference_url": "https://github.com/advisories/GHSA-h4j7-5rxr-p4wc", "reference_id": "GHSA-h4j7-5rxr-p4wc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h4j7-5rxr-p4wc" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7571", "reference_id": "RHSA-2025:7571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7589", "reference_id": "RHSA-2025:7589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7598", "reference_id": "RHSA-2025:7598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7599", "reference_id": "RHSA-2025:7599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7600", "reference_id": "RHSA-2025:7600", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7600" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7601", "reference_id": "RHSA-2025:7601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7603", "reference_id": "RHSA-2025:7603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9080", "reference_id": "RHSA-2026:9080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9205", "reference_id": "RHSA-2026:9205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9205" }, { "reference_url": "https://usn.ubuntu.com/7509-1/", "reference_id": "USN-7509-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7509-1/" } ], "weaknesses": [ { "cwe_id": 73, "name": "External Control of File Name or Path", "description": "The product allows user input to control or influence paths or file names that are used in filesystem operations." }, { "cwe_id": 290, "name": "Authentication Bypass by Spoofing", "description": "This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4zux-cmaa-w3gd" }