{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30375?format=json","vulnerability_id":"VCID-4zux-cmaa-w3gd","summary":"Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability\n# Microsoft Security Advisory CVE-2025-26646: .NET Spoofing Vulnerability\n\n## <a name=\"executive-summary\"></a>Executive summary\n\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0.xxx and .NET 8.0.xxx SDK. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.\n\nA vulnerability exists in .NET SDK or MSBuild applications where external control of file name or path allows an unauthorized attacked to perform spoofing over a network.\n\n## Announcement\n\nAnnouncement for this issue can be found at https://github.com/dotnet/announcements/issues/356\n\n### <a name=\"mitigation-factors\"></a>Mitigation factors\n\nProjects which do not utilize the [DownloadFile](https://learn.microsoft.com/visualstudio/msbuild/downloadfile-task)  build task are not susceptible to this vulnerability.\n\n## <a name=\"affected-software\"></a>Affected software\n\n* Any installation of .NET 9.0.105 SDK, .NET 9.0.203 SDK or earlier.\n* Any installation of .NET 8.0.115 SDK, .NET 8.0.311 or .NET 8.0.312 SDK, .NET 8.0.408 or .NET 8.0.409 SDK or earlier.\n\n## <a name=\"affected-packages\"></a>Affected Packages\nThe vulnerability affects any Microsoft .NET Core project if it uses any of affected packages versions listed below\n\nPackage name | Affected version | Patched version\n------------ | ---------------- | -------------------------\n[Microsoft.Build.Tasks.Core](https://www.nuget.org/packages/Microsoft.Build.Tasks.Core) |>= 15.8.166, <=15.9.20<br />>=16.0.461, <= 16.11.0<br />>= 17.0.0, <= 17.8.3<br/>>= 17.9.5, <= 17.10.4<br />17.11.4<br />17.12.6 <br />17.13.9 | 15.9.30<br />16.11.6<br />17.8.29<br/>17.10.29<br />17.12.36<br />17.13.26 <br />17.14.8\n\n## Advisory FAQ\n\n### <a name=\"how-affected\"></a>How do I know if I am affected?\n\nIf you have a .NET SDK with a version listed, or an affected package listed in [affected software](#affected-packages) or [affected packages](#affected-software), you're exposed to the vulnerability.\n\n### <a name=\"how-fix\"></a>How do I fix the issue?\n\n1. To fix the issue please install the latest version of .NET 9.0 SDK or .NET 8.0 SDK. If you have installed one or more .NET SDKs through Visual Studio, Visual Studio will prompt you to update Visual Studio, which will also update your .NET  SDKs.\n2. If your application references the vulnerable package, update the package reference to the patched version.\n\n* You can list the versions you have installed by running the `dotnet --info` command. You will see output like the following;\n\n```\n.NET SDK:\n Version:           9.0.100\n Commit:            59db016f11\n Workload version:  9.0.100-manifests.3068a692\n MSBuild version:   17.12.7+5b8665660\n\nRuntime Environment:\n OS Name:     Mac OS X\n OS Version:  15.2\n OS Platform: Darwin\n RID:         osx-arm64\n Base Path:   /usr/local/share/dotnet/sdk/9.0.100/\n\n.NET workloads installed:\nThere are no installed workloads to display.\nConfigured to use loose manifests when installing new manifests.\n\nHost:\n  Version:      9.0.0\n  Architecture: arm64\n  Commit:       9d5a6a9aa4\n\n.NET SDKs installed:\n  9.0.100 [/usr/local/share/dotnet/sdk]\n\n.NET runtimes installed:\n  Microsoft.AspNetCore.App 9.0.0 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.App]\n  Microsoft.NETCore.App 9.0.0 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]\n\nOther architectures found:\n  x64   [/usr/local/share/dotnet]\n    registered at [/etc/dotnet/install_location_x64]\n\nEnvironment variables:\n  Not set\n\nglobal.json file:\n  Not found\n\nLearn more:\n  https://aka.ms/dotnet/info\n\nDownload .NET:\n  https://aka.ms/dotnet/download\n```\n\n* If you're using .NET 9.0, you should download and install the appropriate SDK: `.NET 9.0.300` for Visual Studio 2022 v17.14, `.NET 9.0.204` for v17.13, or `.NET 9.0.106` for v17.12. Download from https://dotnet.microsoft.com/download/dotnet-core/9.0.\n\n* If you're using .NET 8.0, you should download and install the appropriate SDK: `.NET 8.0.410` for Visual Studio 2022 v17.11, `.NET 8.0.313` for v17.10, or `.NET 8.0.116` for v17.8. Download from https://dotnet.microsoft.com/download/dotnet-core/8.0.\n\nOnce you have installed the updated SDK, restart your apps for the update to take effect.\n\n## Other Information\n\n### Reporting Security Issues\n\nIf you have found a potential security issue in .NET 8.0 or .NET 9.0, please email details to secure@microsoft.com. Reports may qualify for the Microsoft .NET Core & .NET 5 Bounty. Details of the Microsoft .NET Bounty Program including terms and conditions are at <https://aka.ms/corebounty>.\n\n### Support\n\nYou can ask questions about this issue on GitHub in the .NET GitHub organization. The main repos are located at https://github.com/dotnet/aspnetcore. The Announcements repo (https://github.com/dotnet/Announcements) will contain this bulletin as an issue and will include a link to a discussion issue. You can ask questions in the linked discussion issue.\n\n### Disclaimer\n\nThe information provided in this advisory is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.","aliases":[{"alias":"CVE-2025-26646"},{"alias":"GHSA-h4j7-5rxr-p4wc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/543535?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/563926?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=loongarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/983979?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/983985?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/543541?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/563924?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/983981?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/443767?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/443772?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/543539?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/983978?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/563927?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/563928?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/563929?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/960175?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/443765?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/543536?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/543537?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/543538?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/563930?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/960176?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/443768?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=loongarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/543540?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/543542?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/563923?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/563925?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/960177?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armv7&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armv7&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/960178?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/960179?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/443766?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=armhf&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/443770?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/443771?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/443773?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/543534?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/563931?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/960180?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/960181?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/960182?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/983980?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=loongarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/983982?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=riscv64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=riscv64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/443769?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=ppc64le&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/983977?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=aarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=aarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/983983?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=s390x&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=s390x&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/983984?format=json","purl":"pkg:apk/alpine/dotnet8-runtime@8.0.16-r0?arch=x86&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet8-runtime@8.0.16-r0%3Farch=x86&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/428446?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/428450?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/553308?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armhf&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/553315?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86_64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86_64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/567826?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armv7&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/567831?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/967550?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86_64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86_64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/428451?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/428447?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/428448?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/553311?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=ppc64le&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/567824?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=aarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=aarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/567829?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=riscv64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=riscv64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/428452?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/428454?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/428449?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/553309?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armv7&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/553310?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=loongarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/553312?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=riscv64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=riscv64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/553314?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/567825?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armhf&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/567827?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=loongarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/567828?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=ppc64le&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/567832?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86_64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86_64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/967542?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=aarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/967543?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armhf&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armhf&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/967546?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=ppc64le&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/967548?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=s390x&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/967549?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/428453?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/553307?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=aarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=aarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/553313?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=s390x&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/567830?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=s390x&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=s390x&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/967544?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=armv7&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=armv7&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/967545?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=loongarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/967547?format=json","purl":"pkg:apk/alpine/dotnet9-runtime@9.0.5-r0?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dotnet9-runtime@9.0.5-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/71155?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@15.9.30","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@15.9.30"},{"url":"http://public2.vulnerablecode.io/api/packages/71156?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.11.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.11.6"},{"url":"http://public2.vulnerablecode.io/api/packages/71157?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.8.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrdk-wnbt-cyes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.8.29"},{"url":"http://public2.vulnerablecode.io/api/packages/71158?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.10.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrdk-wnbt-cyes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.10.29"},{"url":"http://public2.vulnerablecode.io/api/packages/71160?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.12.36","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrdk-wnbt-cyes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.12.36"},{"url":"http://public2.vulnerablecode.io/api/packages/71162?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.13.26","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.13.26"},{"url":"http://public2.vulnerablecode.io/api/packages/71164?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.14.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrdk-wnbt-cyes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.14.8"},{"url":"http://public2.vulnerablecode.io/api/packages/68354?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.15.0-preview-25277-114","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrdk-wnbt-cyes"},{"vulnerability":"VCID-qqh6-yhjn-27g7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.15.0-preview-25277-114"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/570409?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@15.8.166","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@15.8.166"},{"url":"http://public2.vulnerablecode.io/api/packages/763766?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@15.9.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@15.9.20"},{"url":"http://public2.vulnerablecode.io/api/packages/570410?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.0.461","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.0.461"},{"url":"http://public2.vulnerablecode.io/api/packages/763767?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763768?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763769?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763770?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763771?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763772?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763773?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763774?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763775?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@16.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@16.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/570411?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763776?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/763777?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763778?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763779?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/763780?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763781?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/763782?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/763783?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763784?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763785?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/763786?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/763787?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/763788?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.8.3"},{"url":"http://public2.vulnerablecode.io/api/packages/570412?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/763789?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.10.0-preview-24081-01","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.10.0-preview-24081-01"},{"url":"http://public2.vulnerablecode.io/api/packages/763790?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.10.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.10.4"},{"url":"http://public2.vulnerablecode.io/api/packages/71159?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.11.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.11.4"},{"url":"http://public2.vulnerablecode.io/api/packages/71161?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.12.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.12.6"},{"url":"http://public2.vulnerablecode.io/api/packages/71163?format=json","purl":"pkg:nuget/Microsoft.Build.Tasks.Core@17.13.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Build.Tasks.Core@17.13.9"},{"url":"http://public2.vulnerablecode.io/api/packages/90565?format=json","purl":"pkg:rpm/redhat/dotnet8.0@8.0.116-1?arch=el9_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8.0@8.0.116-1%3Farch=el9_6"},{"url":"http://public2.vulnerablecode.io/api/packages/90567?format=json","purl":"pkg:rpm/redhat/dotnet8.0@8.0.116-1?arch=el9_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8.0@8.0.116-1%3Farch=el9_4"},{"url":"http://public2.vulnerablecode.io/api/packages/90564?format=json","purl":"pkg:rpm/redhat/dotnet8.0@8.0.116-1?arch=el10_0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8.0@8.0.116-1%3Farch=el10_0"},{"url":"http://public2.vulnerablecode.io/api/packages/90566?format=json","purl":"pkg:rpm/redhat/dotnet8.0@8.0.116-1?arch=el8_10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8.0@8.0.116-1%3Farch=el8_10"},{"url":"http://public2.vulnerablecode.io/api/packages/1076539?format=json","purl":"pkg:rpm/redhat/dotnet8-0-main@8.0.126-1?arch=hum1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"},{"vulnerability":"VCID-cc3y-8y5n-v7cq"},{"vulnerability":"VCID-cju3-5hjk-h3d3"},{"vulnerability":"VCID-hrdk-wnbt-cyes"},{"vulnerability":"VCID-hrem-hhst-97en"},{"vulnerability":"VCID-k3fx-jcj4-jfc6"},{"vulnerability":"VCID-kd36-kt84-1fcz"},{"vulnerability":"VCID-u6eh-1bec-n7c2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet8-0-main@8.0.126-1%3Farch=hum1"},{"url":"http://public2.vulnerablecode.io/api/packages/90561?format=json","purl":"pkg:rpm/redhat/dotnet9.0@9.0.106-1?arch=el10_0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet9.0@9.0.106-1%3Farch=el10_0"},{"url":"http://public2.vulnerablecode.io/api/packages/90562?format=json","purl":"pkg:rpm/redhat/dotnet9.0@9.0.106-1?arch=el8_10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet9.0@9.0.106-1%3Farch=el8_10"},{"url":"http://public2.vulnerablecode.io/api/packages/90563?format=json","purl":"pkg:rpm/redhat/dotnet9.0@9.0.106-1?arch=el9_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet9.0@9.0.106-1%3Farch=el9_6"},{"url":"http://public2.vulnerablecode.io/api/packages/1076540?format=json","purl":"pkg:rpm/redhat/dotnet9-0-main@9.0.116-1?arch=hum1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4zux-cmaa-w3gd"},{"vulnerability":"VCID-cc3y-8y5n-v7cq"},{"vulnerability":"VCID-cju3-5hjk-h3d3"},{"vulnerability":"VCID-hrdk-wnbt-cyes"},{"vulnerability":"VCID-hrem-hhst-97en"},{"vulnerability":"VCID-k3fx-jcj4-jfc6"},{"vulnerability":"VCID-kd36-kt84-1fcz"},{"vulnerability":"VCID-u6eh-1bec-n7c2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/dotnet9-0-main@9.0.116-1%3Farch=hum1"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26646.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26646.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26646","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38355","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.465","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46489","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46448","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46498","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46508","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46561","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46503","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46564","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46507","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46526","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46479","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46352","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26646"},{"reference_url":"https://github.com/dotnet/announcements/issues/356","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/announcements/issues/356"},{"reference_url":"https://github.com/dotnet/msbuild","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/msbuild"},{"reference_url":"https://github.com/dotnet/msbuild/issues/11846","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/msbuild/issues/11846"},{"reference_url":"https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646","reference_id":"","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"},{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-14T15:57:11Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26646","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26646"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365317","reference_id":"2365317","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2365317"},{"reference_url":"https://github.com/advisories/GHSA-h4j7-5rxr-p4wc","reference_id":"GHSA-h4j7-5rxr-p4wc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h4j7-5rxr-p4wc"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7571","reference_id":"RHSA-2025:7571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7589","reference_id":"RHSA-2025:7589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7598","reference_id":"RHSA-2025:7598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7599","reference_id":"RHSA-2025:7599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7600","reference_id":"RHSA-2025:7600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7600"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7601","reference_id":"RHSA-2025:7601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7603","reference_id":"RHSA-2025:7603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9080","reference_id":"RHSA-2026:9080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9205","reference_id":"RHSA-2026:9205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9205"},{"reference_url":"https://usn.ubuntu.com/7509-1/","reference_id":"USN-7509-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7509-1/"}],"weaknesses":[{"cwe_id":73,"name":"External Control of File Name or Path","description":"The product allows user input to control or influence paths or file names that are used in filesystem operations."},{"cwe_id":290,"name":"Authentication Bypass by Spoofing","description":"This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zux-cmaa-w3gd"}