VIR Vulnerability Intelligence Relay

CVE-2023-29331

high
Published 2023-06-14 · Modified 2023-06-23
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v2
VIR risk
8.0

Description

Important: .NET 7.0 security, bug fix, and enhancement update

Predictions

Exploit likelihood
30%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2023-3592.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2023-3581.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2023-3593.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2212615

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2023:3593

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2023-3582.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2213703

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2212618

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2212617

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2192438

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2023:3582

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:3582

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:3593

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:3592

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:3581

OS impact
OSVersionStatusFixed in
redhat rhel9fixed
rockylinux rocky8fixed

Package impact
EcosystemPackageVulnerableFixed
nuget NuGetMicrosoft.Windows.Compatibility>=7.0.0,<7.0.37.0.3
nuget NuGetMicrosoft.Windows.Compatibility>=6.0.0,<6.0.66.0.6
nuget NuGetSystem.Security.Cryptography.Pkcs>=7.0.0,<7.0.27.0.2
nuget NuGetSystem.Security.Cryptography.Pkcs>=6.0.0,<6.0.36.0.3
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-arm>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-arm>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-arm64>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-arm64>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-musl-arm>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-musl-arm>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-musl-arm64>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-musl-arm64>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-musl-x64>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-musl-x64>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-x64>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.linux-x64>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.osx-arm64>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.osx-arm64>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.osx-x64>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.osx-x64>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.win-arm>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.win-arm>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.win-arm64>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.win-arm64>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.win-x64>=6.0.0,<6.0.186.0.18
nuget NuGetMicrosoft.NETCore.App.Runtime.win-x64>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.win-x86>=7.0.0,<7.0.77.0.7
nuget NuGetMicrosoft.NETCore.App.Runtime.win-x86>=6.0.0,<6.0.186.0.18

References

Verify integrity in audit chain (admin only). AS-IS.