
We found results for “”
CVE-2025-30399
Good to know:

Date: June 12, 2025
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. An attacker could exploit this vulnerability by placing files in particular locations, leading to unintended code execution.
Severity Score
Related Resources (7)
Severity Score
Weakness Type (CWE)
Top Fix

Upgrade Version
Upgrade to version Microsoft.NETCore.App.Runtime.linux-arm - 8.0.17;Microsoft.NETCore.App.Runtime.linux-arm - 9.0.6;Microsoft.NETCore.App.Runtime.linux-arm64 - 8.0.17;Microsoft.NETCore.App.Runtime.linux-arm64 - 9.0.6;Microsoft.NETCore.App.Runtime.linux-musl-arm - 8.0.17;Microsoft.NETCore.App.Runtime.linux-musl-arm - 9.0.6;Microsoft.NETCore.App.Runtime.linux-musl-arm64 - 8.0.17;Microsoft.NETCore.App.Runtime.linux-musl-arm64 - 9.0.6;Microsoft.NETCore.App.Runtime.linux-musl-x64 - 8.0.17;Microsoft.NETCore.App.Runtime.linux-musl-x64 - 9.0.6;Microsoft.NETCore.App.Runtime.linux-x64 - 8.0.17;Microsoft.NETCore.App.Runtime.linux-x64 - 9.0.6;Microsoft.NETCore.App.Runtime.osx-arm64 - 8.0.17;Microsoft.NETCore.App.Runtime.osx-arm64 - 9.0.6;Microsoft.NETCore.App.Runtime.osx-x64 - 8.0.17;Microsoft.NETCore.App.Runtime.osx-x64 - 9.0.6;Microsoft.NETCore.App.Runtime.win-arm - 8.0.17;Microsoft.NETCore.App.Runtime.win-arm - 9.0.6;Microsoft.NETCore.App.Runtime.win-arm64 - 8.0.17;Microsoft.NETCore.App.Runtime.win-arm64 - 9.0.6;Microsoft.NETCore.App.Runtime.win-x64 - 8.0.17;Microsoft.NETCore.App.Runtime.win-x64 - 9.0.6;Microsoft.NETCore.App.Runtime.win-x86 - 8.0.17;Microsoft.NETCore.App.Runtime.win-x86 - 9.0.6;Microsoft.NetCore.App.Runtime.linux-arm - 9.0.6;Microsoft.NetCore.App.Runtime.linux-arm - 8.0.17;Microsoft.NetCore.App.Runtime.linux-arm64 - 9.0.6;Microsoft.NetCore.App.Runtime.linux-arm64 - 8.0.17;Microsoft.NetCore.App.Runtime.linux-musl-arm - 9.0.6;Microsoft.NetCore.App.Runtime.linux-musl-arm - 8.0.17;Microsoft.NetCore.App.Runtime.linux-musl-arm64 - 9.0.6;Microsoft.NetCore.App.Runtime.linux-musl-arm64 - 8.0.17;Microsoft.NetCore.App.Runtime.linux-musl-x64 - 9.0.6;Microsoft.NetCore.App.Runtime.linux-musl-x64 - 8.0.17;Microsoft.NetCore.App.Runtime.linux-x64 - 9.0.6;Microsoft.NetCore.App.Runtime.linux-x64 - 8.0.17;Microsoft.NetCore.App.Runtime.osx-arm64 - 9.0.6;Microsoft.NetCore.App.Runtime.osx-arm64 - 8.0.17;Microsoft.NetCore.App.Runtime.osx-x64 - 9.0.6;Microsoft.NetCore.App.Runtime.osx-x64 - 8.0.17;Microsoft.NetCore.App.Runtime.win-arm64 - 9.0.6;Microsoft.NetCore.App.Runtime.win-arm64 - 8.0.17;Microsoft.NetCore.App.Runtime.win-x64 - 9.0.6;Microsoft.NetCore.App.Runtime.win-x64 - 8.0.17;Microsoft.NetCore.App.Runtime.win-x86 - 9.0.6;Microsoft.NetCore.App.Runtime.win-x86 - 8.0.17
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |