Action not permitted
Modal body text goes here.
CVE-2022-30184
Vulnerability from cvelistv5
Published
2022-06-15 21:52
Modified
2024-09-10 15:57
Severity
Summary
.NET and Visual Studio Information Disclosure Vulnerability
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184"
},
{
"name": "FEDORA-2022-cd37732349",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/"
},
{
"name": "FEDORA-2022-5508547b1e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": ".NET 6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": ".NET Core 3.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "3.1.26",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.9.22",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*"
],
"platforms": [
"Unknown"
],
"product": "Visual Studio 2019 for Mac version 8.10",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.2",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.11.16",
"status": "affected",
"version": "16.11.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.11",
"status": "affected",
"version": "17.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Microsoft Visual Studio 2022 version 17.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.2.4",
"status": "affected",
"version": "17.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:nuget:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "NuGet.exe",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.0",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Visual Studio 2022 for Mac version 17.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "17.0.2",
"status": "affected",
"version": "17.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": ".NET and Visual Studio Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:57:25.636Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184"
},
{
"name": "FEDORA-2022-cd37732349",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/"
},
{
"name": "FEDORA-2022-5508547b1e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/"
}
],
"title": ".NET and Visual Studio Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-30184",
"datePublished": "2022-06-15T21:52:20",
"dateReserved": "2022-05-03T00:00:00",
"dateUpdated": "2024-09-10T15:57:25.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-30184\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2022-06-15T22:15:15.370\",\"lastModified\":\"2023-12-20T22:15:26.597\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\".NET and Visual Studio Information Disclosure Vulnerability\"},{\"lang\":\"es\",\"value\":\"Una Vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en .NET y Visual Studio\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.3},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.0.4\",\"matchCriteriaId\":\"8095DD06-0E31-477D-97C8-8358D66E46A0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DE0C8DD-9C73-4876-8193-068F18074B58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_core:3.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"70BE107E-20A0-4998-A8ED-BCC414C6BDBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:nuget:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.2.1\",\"matchCriteriaId\":\"4AD07BA6-1A4A-4F3E-AA52-08D822416159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0\",\"versionEndExcluding\":\"16.9.22\",\"matchCriteriaId\":\"C9025CDD-C3BB-48FC-9E9D-486A6246B833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.10\",\"versionEndExcluding\":\"16.11.6\",\"matchCriteriaId\":\"08BF21BA-1D93-4402-9A4E-691000789125\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*\",\"matchCriteriaId\":\"BA547FFE-D557-4612-9840-EEE88ACF53AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.0.11\",\"matchCriteriaId\":\"474482B7-6211-4988-B77E-C1C8378B09C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.2\",\"versionEndExcluding\":\"17.2.5\",\"matchCriteriaId\":\"F1E4B8BB-0B51-4F8E-8C94-72403EE73E24\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}],\"references\":[{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
ghsa-3885-8gqc-3wpf
Vulnerability from github
Published
2022-06-14 21:57
Modified
2024-03-22 19:36
Severity
Summary
Potential leak of NuGet.org API key
Details
Description
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0 and .NET Core 3.1, NuGet (NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat version range from 3.5.0 to 6.2.0). This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in .NET 6.0, .NET Core 3.1, and NuGet (NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat version range from 3.5.0 to 6.2.0) where a nuget.org api key could leak due to an incorrect comparison with a server url.
Affected software
NuGet & NuGet Packages
- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 6.2.0 version or earlier.
- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 6.0.1 version or earlier.
- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 5.11.1 version or earlier.
- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 5.9.1 version or earlier.
- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 5.7.1 version or earlier.
- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 4.9.4 version or earlier.
.NET SDK(s)
- Any .NET 6.0 application running on .NET 6.0.5 or earlier.
- Any .NET 3.1 application running on .NET Core 3.1.25 or earlier.
Patches
-
If you're using NuGet.exe 6.2.0 or lower, you should download and install 6.2.1 from https://dist.nuget.org/win-x86-commandline/v6.2.1/nuget.exe.
-
If you're using NuGet.exe 6.0.1 or lower, you should download and install 6.0.2 from https://dist.nuget.org/win-x86-commandline/v6.0.2/nuget.exe.
-
If you're using NuGet.exe 5.11.1 or lower, you should download and install 5.11.2 from https://dist.nuget.org/win-x86-commandline/v5.11.2/nuget.exe.
-
If you're using NuGet.exe 5.9.1 or lower, you should download and install 5.9.2 from https://dist.nuget.org/win-x86-commandline/v5.9.2/nuget.exe.
-
If you're using NuGet.exe 5.7.1 or lower, you should download and install 5.7.2 from https://dist.nuget.org/win-x86-commandline/v4.7.2/nuget.exe.
-
If you're using NuGet.exe 4.9.4 or lower, you should download and install 4.9.5 from https://dist.nuget.org/win-x86-commandline/v4.9.5/nuget.exe.
-
If you're using .NET Core 6.0, you should download and install Runtime 6.0.6 or SDK 6.0.106 (for Visual Studio 2022 v17.0) or SDK 6.0.301 (for Visual Studio 2022 v17.2) from https://dotnet.microsoft.com/download/dotnet-core/6.0.
-
If you're using .NET Core 3.1, you should download and install Runtime 3.1.26 or SDK 3.1.420 (for Visual Studio 2019 v16.9 or Visual Studio 2011 16.11 or Visual Studio 2022 17.0 or Visual Studio 2022 17.1 ) from https://dotnet.microsoft.com/download/dotnet-core/3.1
.NET 6.0 and .NET Core 3.1 updates are also available from Microsoft Update. To access this either type "Check for updates" in your Windows search, or open Settings, choose Update & Security and then click Check for Updates.
Other Details
Announcement for this issue can be found at https://github.com/NuGet/Announcements/issues/62
MSRC details for this can be found at https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184
{
"affected": [
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.Commands"
},
"ranges": [
{
"events": [
{
"introduced": "3.5.0"
},
{
"fixed": "4.9.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine"
},
"ranges": [
{
"events": [
{
"introduced": "3.5.0"
},
{
"fixed": "4.9.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine.XPlat"
},
"ranges": [
{
"events": [
{
"introduced": "3.5.0"
},
{
"fixed": "4.9.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.Commands"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.2.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.Commands"
},
"ranges": [
{
"events": [
{
"introduced": "5.3.0"
},
{
"fixed": "5.7.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.Commands"
},
"ranges": [
{
"events": [
{
"introduced": "5.8.0"
},
{
"fixed": "5.9.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.Commands"
},
"ranges": [
{
"events": [
{
"introduced": "5.10.0"
},
{
"fixed": "5.11.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.Commands"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.Commands"
},
"ranges": [
{
"events": [
{
"introduced": "6.1.0"
},
{
"fixed": "6.2.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.2.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine"
},
"ranges": [
{
"events": [
{
"introduced": "5.3.0"
},
{
"fixed": "5.7.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine"
},
"ranges": [
{
"events": [
{
"introduced": "5.8.0"
},
{
"fixed": "5.9.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine"
},
"ranges": [
{
"events": [
{
"introduced": "5.10.0"
},
{
"fixed": "5.11.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine"
},
"ranges": [
{
"events": [
{
"introduced": "6.1.0"
},
{
"fixed": "6.2.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine.XPlat"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.2.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine.XPlat"
},
"ranges": [
{
"events": [
{
"introduced": "5.3.0"
},
{
"fixed": "5.7.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine.XPlat"
},
"ranges": [
{
"events": [
{
"introduced": "5.8.0"
},
{
"fixed": "5.9.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine.XPlat"
},
"ranges": [
{
"events": [
{
"introduced": "5.10.0"
},
{
"fixed": "5.11.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine.XPlat"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "NuGet.CommandLine.XPlat"
},
"ranges": [
{
"events": [
{
"introduced": "6.1.0"
},
{
"fixed": "6.2.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-30184"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": true,
"github_reviewed_at": "2022-06-14T21:57:52Z",
"nvd_published_at": "2022-06-15T22:15:00Z",
"severity": "MODERATE"
},
"details": "### Description \n\nMicrosoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0 and .NET Core 3.1, NuGet (NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat version range from 3.5.0 to 6.2.0). This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.\n\nA vulnerability exists in .NET 6.0, .NET Core 3.1, and NuGet (NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat version range from 3.5.0 to 6.2.0) where a nuget.org api key could leak due to an incorrect comparison with a server url.\n\n### Affected software \n\n#### NuGet \u0026 NuGet Packages\n\n- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 6.2.0 version or earlier.\n- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 6.0.1 version or earlier.\n- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 5.11.1 version or earlier.\n- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 5.9.1 version or earlier.\n- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 5.7.1 version or earlier.\n- Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.CommandLine.XPlat 4.9.4 version or earlier.\n\n#### .NET SDK(s)\n\n- Any .NET 6.0 application running on .NET 6.0.5 or earlier.\n- Any .NET 3.1 application running on .NET Core 3.1.25 or earlier.\n\n### Patches \n\n- If you\u0027re using NuGet.exe 6.2.0 or lower, you should download and install 6.2.1 from https://dist.nuget.org/win-x86-commandline/v6.2.1/nuget.exe. \n\n- If you\u0027re using NuGet.exe 6.0.1 or lower, you should download and install 6.0.2 from https://dist.nuget.org/win-x86-commandline/v6.0.2/nuget.exe. \n\n- If you\u0027re using NuGet.exe 5.11.1 or lower, you should download and install 5.11.2 from https://dist.nuget.org/win-x86-commandline/v5.11.2/nuget.exe. \n\n- If you\u0027re using NuGet.exe 5.9.1 or lower, you should download and install 5.9.2 from https://dist.nuget.org/win-x86-commandline/v5.9.2/nuget.exe. \n\n- If you\u0027re using NuGet.exe 5.7.1 or lower, you should download and install 5.7.2 from https://dist.nuget.org/win-x86-commandline/v4.7.2/nuget.exe. \n\n- If you\u0027re using NuGet.exe 4.9.4 or lower, you should download and install 4.9.5 from https://dist.nuget.org/win-x86-commandline/v4.9.5/nuget.exe. \n\n- If you\u0027re using .NET Core 6.0, you should download and install Runtime 6.0.6 or SDK 6.0.106 (for Visual Studio 2022 v17.0) or SDK 6.0.301 (for Visual Studio 2022 v17.2) from https://dotnet.microsoft.com/download/dotnet-core/6.0. \n\n- If you\u0027re using .NET Core 3.1, you should download and install Runtime 3.1.26 or SDK 3.1.420 (for Visual Studio 2019 v16.9 or Visual Studio 2011 16.11 or Visual Studio 2022 17.0 or Visual Studio 2022 17.1 ) from https://dotnet.microsoft.com/download/dotnet-core/3.1 \n\n.NET 6.0 and .NET Core 3.1 updates are also available from Microsoft Update. To access this either type \"Check for updates\" in your Windows search, or open Settings, choose Update \u0026 Security and then click Check for Updates. \n\n### Other Details \n\nAnnouncement for this issue can be found at https://github.com/NuGet/Announcements/issues/62\n \nMSRC details for this can be found at\u202fhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184",
"id": "GHSA-3885-8gqc-3wpf",
"modified": "2024-03-22T19:36:09Z",
"published": "2022-06-14T21:57:52Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-3885-8gqc-3wpf"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184"
},
{
"type": "WEB",
"url": "https://github.com/NuGet/Home/issues/11883#issuecomment-1156194755"
},
{
"type": "WEB",
"url": "https://github.com/NuGet/NuGet.Client/commit/ec6e62a645ec6b53a8784bf4571cac7786fd700b#diff-9e678e6dcc29381eb7c564f0e75ffc3ffc35458eca412c35b6404340b698d074R58-R65"
},
{
"type": "PACKAGE",
"url": "https://github.com/NuGet/NuGet.Client"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Potential leak of NuGet.org API key"
}
gsd-2022-30184
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
.NET and Visual Studio Information Disclosure Vulnerability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-30184",
"description": ".NET and Visual Studio Information Disclosure Vulnerability.",
"id": "GSD-2022-30184",
"references": [
"https://linux.oracle.com/cve/CVE-2022-30184.html",
"https://access.redhat.com/errata/RHSA-2022:5046",
"https://access.redhat.com/errata/RHSA-2022:5047",
"https://access.redhat.com/errata/RHSA-2022:5050",
"https://access.redhat.com/errata/RHSA-2022:5061",
"https://access.redhat.com/errata/RHSA-2022:5062"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-30184"
],
"details": ".NET and Visual Studio Information Disclosure Vulnerability.",
"id": "GSD-2022-30184",
"modified": "2023-12-13T01:19:36.700470Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2022-30184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": ".NET 6.0",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.0.0",
"version_value": "6.0.6"
}
]
}
},
{
"product_name": ".NET Core 3.1",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.1",
"version_value": "3.1.26"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "15.0.0",
"version_value": "16.9.22"
}
]
}
},
{
"product_name": "Visual Studio 2019 for Mac version 8.10",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1.0",
"version_value": "17.0.2"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "16.11.0",
"version_value": "16.11.16"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.0",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "17.0.0",
"version_value": "17.0.11"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "17.2.0",
"version_value": "17.2.4"
}
]
}
},
{
"product_name": "NuGet.exe",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.0.0",
"version_value": "6.2.0"
}
]
}
},
{
"product_name": "Visual Studio 2022 for Mac version 17.0",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "17.0.0",
"version_value": "17.0.2"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": ".NET and Visual Studio Information Disclosure Vulnerability"
}
]
},
"impact": {
"cvss": [
{
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "[3.5.0,4.9.5),[5.0.0,5.2.1),[5.3.0,5.7.2),[5.8.0,5.9.2),[5.10.0,5.11.2),[6.0.0,6.0.2),[6.1.0,6.2.1)",
"affected_versions": "All versions starting from 3.5.0 before 4.9.5, all versions starting from 5.0.0 before 5.2.1, all versions starting from 5.3.0 before 5.7.2, all versions starting from 5.8.0 before 5.9.2, all versions starting from 5.10.0 before 5.11.2, all versions starting from 6.0.0 before 6.0.2, all versions starting from 6.1.0 before 6.2.1",
"cwe_ids": [
"CWE-1035",
"CWE-937"
],
"date": "2022-06-14",
"description": "Potential leak of NuGet.org API key",
"fixed_versions": [
"4.9.5",
"5.2.1",
"5.7.2",
"5.9.2",
"5.11.2",
"6.0.2",
"6.2.1"
],
"identifier": "GMS-2022-2162",
"identifiers": [
"GHSA-3885-8gqc-3wpf",
"GMS-2022-2162",
"CVE-2022-30184"
],
"not_impacted": "All versions before 3.5.0, all versions starting from 4.9.5 before 5.0.0, all versions starting from 5.2.1 before 5.3.0, all versions starting from 5.7.2 before 5.8.0, all versions starting from 5.9.2 before 5.10.0, all versions starting from 5.11.2 before 6.0.0, all versions starting from 6.0.2 before 6.1.0, all versions starting from 6.2.1",
"package_slug": "nuget/NuGet.CommandLine.XPlat",
"pubdate": "2022-06-14",
"solution": "Upgrade to versions 4.9.5, 5.2.1, 5.7.2, 5.9.2, 5.11.2, 6.0.2, 6.2.1 or above.",
"title": "Key Management Errors",
"urls": [
"https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-3885-8gqc-3wpf",
"https://github.com/advisories/GHSA-3885-8gqc-3wpf"
],
"uuid": "b577caaa-8a8f-4391-94c5-a211ae3183fb"
},
{
"affected_range": "[3.5.0,4.9.5),[5.0.0,5.2.1),[5.3.0,5.7.2),[5.8.0,5.9.2),[5.10.0,5.11.2),[6.0.0,6.0.2),[6.1.0,6.2.1)",
"affected_versions": "All versions starting from 3.5.0 before 4.9.5, all versions starting from 5.0.0 before 5.2.1, all versions starting from 5.3.0 before 5.7.2, all versions starting from 5.8.0 before 5.9.2, all versions starting from 5.10.0 before 5.11.2, all versions starting from 6.0.0 before 6.0.2, all versions starting from 6.1.0 before 6.2.1",
"cwe_ids": [
"CWE-1035",
"CWE-937"
],
"date": "2022-06-14",
"description": "Potential leak of NuGet.org API key",
"fixed_versions": [
"4.9.5",
"5.2.1",
"5.7.2",
"5.9.2",
"5.11.2",
"6.0.2",
"6.2.1"
],
"identifier": "GMS-2022-2161",
"identifiers": [
"GHSA-3885-8gqc-3wpf",
"GMS-2022-2161",
"CVE-2022-30184"
],
"not_impacted": "All versions before 3.5.0, all versions starting from 4.9.5 before 5.0.0, all versions starting from 5.2.1 before 5.3.0, all versions starting from 5.7.2 before 5.8.0, all versions starting from 5.9.2 before 5.10.0, all versions starting from 5.11.2 before 6.0.0, all versions starting from 6.0.2 before 6.1.0, all versions starting from 6.2.1",
"package_slug": "nuget/NuGet.CommandLine",
"pubdate": "2022-06-14",
"solution": "Upgrade to versions 4.9.5, 5.2.1, 5.7.2, 5.9.2, 5.11.2, 6.0.2, 6.2.1 or above.",
"title": "Key Management Errors",
"urls": [
"https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-3885-8gqc-3wpf",
"https://github.com/advisories/GHSA-3885-8gqc-3wpf"
],
"uuid": "1d91f837-92a2-4b8c-9e85-f1c46e6c3b41"
},
{
"affected_range": "[3.5.0,4.9.5),[5.0.0,5.2.1),[5.3.0,5.7.2),[5.8.0,5.9.2),[5.10.0,5.11.2),[6.0.0,6.0.2),[6.1.0,6.2.1)",
"affected_versions": "All versions starting from 3.5.0 before 4.9.5, all versions starting from 5.0.0 before 5.2.1, all versions starting from 5.3.0 before 5.7.2, all versions starting from 5.8.0 before 5.9.2, all versions starting from 5.10.0 before 5.11.2, all versions starting from 6.0.0 before 6.0.2, all versions starting from 6.1.0 before 6.2.1",
"cwe_ids": [
"CWE-1035",
"CWE-937"
],
"date": "2022-06-14",
"description": "Potential leak of NuGet.org API key",
"fixed_versions": [
"4.9.5",
"5.2.1",
"5.7.2",
"5.9.2",
"5.11.2",
"6.0.2",
"6.2.1"
],
"identifier": "GMS-2022-2163",
"identifiers": [
"GHSA-3885-8gqc-3wpf",
"GMS-2022-2163",
"CVE-2022-30184"
],
"not_impacted": "All versions before 3.5.0, all versions starting from 4.9.5 before 5.0.0, all versions starting from 5.2.1 before 5.3.0, all versions starting from 5.7.2 before 5.8.0, all versions starting from 5.9.2 before 5.10.0, all versions starting from 5.11.2 before 6.0.0, all versions starting from 6.0.2 before 6.1.0, all versions starting from 6.2.1",
"package_slug": "nuget/NuGet.Commands",
"pubdate": "2022-06-14",
"solution": "Upgrade to versions 4.9.5, 5.2.1, 5.7.2, 5.9.2, 5.11.2, 6.0.2, 6.2.1 or above.",
"title": "Key Management Errors",
"urls": [
"https://github.com/NuGet/NuGet.Client/security/advisories/GHSA-3885-8gqc-3wpf",
"https://github.com/advisories/GHSA-3885-8gqc-3wpf"
],
"uuid": "d407e4ec-9db4-44b7-b37c-db43f8ac2be2"
}
]
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8095DD06-0E31-477D-97C8-8358D66E46A0",
"versionEndExcluding": "17.0.4",
"versionStartIncluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:.net_core:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "70BE107E-20A0-4998-A8ED-BCC414C6BDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:nuget:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AD07BA6-1A4A-4F3E-AA52-08D822416159",
"versionEndExcluding": "6.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9025CDD-C3BB-48FC-9E9D-486A6246B833",
"versionEndExcluding": "16.9.22",
"versionStartIncluding": "16.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08BF21BA-1D93-4402-9A4E-691000789125",
"versionEndExcluding": "16.11.6",
"versionStartIncluding": "16.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*",
"matchCriteriaId": "BA547FFE-D557-4612-9840-EEE88ACF53AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "474482B7-6211-4988-B77E-C1C8378B09C9",
"versionEndExcluding": "17.0.11",
"versionStartIncluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E4B8BB-0B51-4F8E-8C94-72403EE73E24",
"versionEndExcluding": "17.2.5",
"versionStartIncluding": "17.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": ".NET and Visual Studio Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Una Vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en .NET y Visual Studio"
}
],
"id": "CVE-2022-30184",
"lastModified": "2023-12-20T22:15:26.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "secure@microsoft.com",
"type": "Primary"
}
]
},
"published": "2022-06-15T22:15:15.370",
"references": [
{
"source": "secure@microsoft.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/"
},
{
"source": "secure@microsoft.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
rhsa-2022_5061
Vulnerability from csaf_redhat
Published
2022-06-15 15:53
Modified
2024-09-16 08:18
Summary
Red Hat Security Advisory: .NET Core 3.1 security and bugfix update
Notes
Topic
An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.420 and .NET Runtime 3.1.26.
Security Fix(es):
* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.420 and .NET Runtime 3.1.26.\n\nSecurity Fix(es):\n\n* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5061",
"url": "https://access.redhat.com/errata/RHSA-2022:5061"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_5061.json"
}
],
"title": "Red Hat Security Advisory: .NET Core 3.1 security and bugfix update",
"tracking": {
"current_release_date": "2024-09-16T08:18:17+00:00",
"generator": {
"date": "2024-09-16T08:18:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:5061",
"initial_release_date": "2022-06-15T15:53:11+00:00",
"revision_history": [
{
"date": "2022-06-15T15:53:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-06-15T15:53:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T08:18:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"product": {
"name": "aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"product_id": "aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-runtime-3.1@3.1.26-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"product": {
"name": "aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"product_id": "aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-targeting-pack-3.1@3.1.26-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"product": {
"name": "dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"product_id": "dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-3.1@3.1.26-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"product": {
"name": "dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"product_id": "dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-3.1@3.1.26-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"product": {
"name": "dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"product_id": "dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-3.1@3.1.26-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"product": {
"name": "dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"product_id": "dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-3.1@3.1.420-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"product": {
"name": "dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"product_id": "dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-targeting-pack-3.1@3.1.26-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"product": {
"name": "dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"product_id": "dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-templates-3.1@3.1.420-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64",
"product": {
"name": "dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64",
"product_id": "dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet3.1-debugsource@3.1.420-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"product": {
"name": "dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"product_id": "dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-3.1-debuginfo@3.1.26-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"product": {
"name": "dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"product_id": "dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-3.1-debuginfo@3.1.26-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"product": {
"name": "dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"product_id": "dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-3.1-debuginfo@3.1.26-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"product": {
"name": "dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"product_id": "dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-3.1-debuginfo@3.1.420-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"product": {
"name": "dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"product_id": "dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet3.1-debuginfo@3.1.420-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"product": {
"name": "dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"product_id": "dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-3.1-source-built-artifacts@3.1.420-1.el8_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "dotnet3.1-0:3.1.420-1.el8_6.src",
"product": {
"name": "dotnet3.1-0:3.1.420-1.el8_6.src",
"product_id": "dotnet3.1-0:3.1.420-1.el8_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet3.1@3.1.420-1.el8_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet3.1-0:3.1.420-1.el8_6.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-0:3.1.420-1.el8_6.src"
},
"product_reference": "dotnet3.1-0:3.1.420-1.el8_6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64"
},
"product_reference": "dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet3.1-0:3.1.420-1.el8_6.src as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-0:3.1.420-1.el8_6.src"
},
"product_reference": "dotnet3.1-0:3.1.420-1.el8_6.src",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64"
},
"product_reference": "dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30184",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2096963"
}
],
"notes": [
{
"category": "description",
"text": ".NET and Visual Studio Information Disclosure Vulnerability",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-0:3.1.420-1.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-0:3.1.420-1.el8_6.src",
"CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30184"
},
{
"category": "external",
"summary": "RHBZ#2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/225",
"url": "https://github.com/dotnet/announcements/issues/225"
},
{
"category": "external",
"summary": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184",
"url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184"
}
],
"release_date": "2022-06-14T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-0:3.1.420-1.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-0:3.1.420-1.el8_6.src",
"CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-0:3.1.420-1.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-3.1-debuginfo-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-3.1-0:3.1.26-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-3.1-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-0:3.1.420-1.el8_6.src",
"CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-debuginfo-0:3.1.420-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet3.1-debugsource-0:3.1.420-1.el8_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain"
}
]
}
rhsa-2022_5050
Vulnerability from csaf_redhat
Published
2022-06-15 22:09
Modified
2024-09-16 08:18
Summary
Red Hat Security Advisory: .NET 6.0 security and bugfix update
Notes
Topic
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.106 and .NET Runtime 6.0.6.
Security Fix(es):
* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.106 and .NET Runtime 6.0.6.\n\nSecurity Fix(es):\n\n* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5050",
"url": "https://access.redhat.com/errata/RHSA-2022:5050"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_5050.json"
}
],
"title": "Red Hat Security Advisory: .NET 6.0 security and bugfix update",
"tracking": {
"current_release_date": "2024-09-16T08:18:24+00:00",
"generator": {
"date": "2024-09-16T08:18:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:5050",
"initial_release_date": "2022-06-15T22:09:33+00:00",
"revision_history": [
{
"date": "2022-06-15T22:09:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-06-15T22:09:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T08:18:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder (v. 9)",
"product": {
"name": "Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"product": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"product_id": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-source-built-artifacts@6.0.106-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"product": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"product_id": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debugsource@6.0.106-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product_id": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0-debuginfo@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product_id": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host-debuginfo@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product_id": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0-debuginfo@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product_id": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0-debuginfo@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"product": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"product_id": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-debuginfo@6.0.106-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"product": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"product_id": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debuginfo@6.0.106-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"product_id": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-runtime-6.0@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"product_id": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-targeting-pack-6.0@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"product_id": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "dotnet-host-0:6.0.6-1.el9_0.aarch64",
"product_id": "dotnet-host-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"product_id": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"product_id": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"product": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"product_id": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0@6.0.106-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"product": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"product_id": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-targeting-pack-6.0@6.0.6-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"product": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"product_id": "dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-templates-6.0@6.0.106-1.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"product": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"product_id": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/netstandard-targeting-pack-2.1@6.0.106-1.el9_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"product": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"product_id": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-source-built-artifacts@6.0.106-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"product": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"product_id": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debugsource@6.0.106-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product_id": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0-debuginfo@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product_id": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host-debuginfo@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product_id": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0-debuginfo@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product_id": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0-debuginfo@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"product": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"product_id": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-debuginfo@6.0.106-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"product": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"product_id": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debuginfo@6.0.106-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"product_id": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-runtime-6.0@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"product_id": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-targeting-pack-6.0@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"product_id": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "dotnet-host-0:6.0.6-1.el9_0.x86_64",
"product_id": "dotnet-host-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"product_id": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"product_id": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"product": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"product_id": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0@6.0.106-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"product": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"product_id": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-targeting-pack-6.0@6.0.6-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"product": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"product_id": "dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-templates-6.0@6.0.106-1.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64",
"product": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64",
"product_id": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/netstandard-targeting-pack-2.1@6.0.106-1.el9_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"product": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"product_id": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-source-built-artifacts@6.0.106-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"product": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"product_id": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debugsource@6.0.106-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"product_id": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0-debuginfo@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"product_id": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host-debuginfo@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"product_id": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0-debuginfo@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"product_id": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0-debuginfo@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"product": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"product_id": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-debuginfo@6.0.106-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"product": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"product_id": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debuginfo@6.0.106-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"product_id": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-runtime-6.0@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"product_id": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-targeting-pack-6.0@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"product_id": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "dotnet-host-0:6.0.6-1.el9_0.s390x",
"product_id": "dotnet-host-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"product_id": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"product_id": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"product": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"product_id": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0@6.0.106-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"product": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"product_id": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-targeting-pack-6.0@6.0.6-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"product": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"product_id": "dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-templates-6.0@6.0.106-1.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"product": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"product_id": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/netstandard-targeting-pack-2.1@6.0.106-1.el9_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dotnet6.0-0:6.0.106-1.el9_0.src",
"product": {
"name": "dotnet6.0-0:6.0.106-1.el9_0.src",
"product_id": "dotnet6.0-0:6.0.106-1.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0@6.0.106-1.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-host-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-host-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-host-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-0:6.0.106-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el9_0.src"
},
"product_reference": "dotnet6.0-0:6.0.106-1.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-host-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-host-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-host-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-0:6.0.106-1.el9_0.src as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el9_0.src"
},
"product_reference": "dotnet6.0-0:6.0.106-1.el9_0.src",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64",
"relates_to_product_reference": "CRB-9.0.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30184",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2096963"
}
],
"notes": [
{
"category": "description",
"text": ".NET and Visual Studio Information Disclosure Vulnerability",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el9_0.src",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30184"
},
{
"category": "external",
"summary": "RHBZ#2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/225",
"url": "https://github.com/dotnet/announcements/issues/225"
},
{
"category": "external",
"summary": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184",
"url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184"
}
],
"release_date": "2022-06-14T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el9_0.src",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5050"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el9_0.src",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"AppStream-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el9_0.src",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el9_0.x86_64",
"CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.aarch64",
"CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.s390x",
"CRB-9.0.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain"
}
]
}
rhsa-2022_5047
Vulnerability from csaf_redhat
Published
2022-06-15 08:24
Modified
2024-09-16 08:17
Summary
Red Hat Security Advisory: .NET 6.0 on RHEL 7 security and bugfix update
Notes
Topic
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.106 and .NET Runtime 6.0.6.
Security Fix(es):
* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.106 and .NET Runtime 6.0.6.\n\nSecurity Fix(es):\n\n* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5047",
"url": "https://access.redhat.com/errata/RHSA-2022:5047"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_5047.json"
}
],
"title": "Red Hat Security Advisory: .NET 6.0 on RHEL 7 security and bugfix update",
"tracking": {
"current_release_date": "2024-09-16T08:17:53+00:00",
"generator": {
"date": "2024-09-16T08:17:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:5047",
"initial_release_date": "2022-06-15T08:24:52+00:00",
"revision_history": [
{
"date": "2022-06-15T08:24:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-06-15T08:24:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T08:17:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_dotnet:6.0::el7"
}
}
},
{
"category": "product_name",
"name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_dotnet:6.0::el7"
}
}
},
{
"category": "product_name",
"name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_dotnet:6.0::el7"
}
}
}
],
"category": "product_family",
"name": ".NET Core on Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"product_id": "rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-aspnetcore-runtime-6.0@6.0.6-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"product_id": "rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-aspnetcore-targeting-pack-6.0@6.0.6-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet@6.0.106-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet-apphost-pack-6.0@6.0.6-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet-host@6.0.6-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet-hostfxr-6.0@6.0.6-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet-runtime-6.0@6.0.6-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet-sdk-6.0@6.0.106-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts@6.0.106-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet-targeting-pack-6.0@6.0.6-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet-templates-6.0@6.0.106-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"product_id": "rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-netstandard-targeting-pack-2.1@6.0.106-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"product_id": "rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet-debuginfo@6.0.106-1.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"product": {
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"product_id": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet60-dotnet@6.0.106-1.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src"
},
"product_reference": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src"
},
"product_reference": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src"
},
"product_reference": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30184",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2096963"
}
],
"notes": [
{
"category": "description",
"text": ".NET and Visual Studio Information Disclosure Vulnerability",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30184"
},
{
"category": "external",
"summary": "RHBZ#2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/225",
"url": "https://github.com/dotnet/announcements/issues/225"
},
{
"category": "external",
"summary": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184",
"url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184"
}
],
"release_date": "2022-06-14T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7ComputeNode-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"7ComputeNode-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"7Server-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-aspnetcore-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-aspnetcore-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.src",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-apphost-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-debuginfo-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-host-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-hostfxr-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-runtime-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-targeting-pack-6.0-0:6.0.6-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-dotnet-templates-6.0-0:6.0.106-1.el7_9.x86_64",
"7Workstation-dotNET-6.0:rh-dotnet60-netstandard-targeting-pack-2.1-0:6.0.106-1.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain"
}
]
}
rhsa-2022_5062
Vulnerability from csaf_redhat
Published
2022-06-15 15:38
Modified
2024-09-16 08:18
Summary
Red Hat Security Advisory: .NET Core 3.1 on RHEL 7 security and bugfix update
Notes
Topic
An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.420 and .NET Runtime 3.1.26.
Security Fix(es):
* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.420 and .NET Runtime 3.1.26.\n\nSecurity Fix(es):\n\n* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5062",
"url": "https://access.redhat.com/errata/RHSA-2022:5062"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_5062.json"
}
],
"title": "Red Hat Security Advisory: .NET Core 3.1 on RHEL 7 security and bugfix update",
"tracking": {
"current_release_date": "2024-09-16T08:18:09+00:00",
"generator": {
"date": "2024-09-16T08:18:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:5062",
"initial_release_date": "2022-06-15T15:38:21+00:00",
"revision_history": [
{
"date": "2022-06-15T15:38:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-06-15T15:38:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T08:18:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_dotnet:3.1::el7"
}
}
},
{
"category": "product_name",
"name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_dotnet:3.1::el7"
}
}
},
{
"category": "product_name",
"name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_dotnet:3.1::el7"
}
}
}
],
"category": "product_family",
"name": ".NET Core on Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"product_id": "rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-aspnetcore-runtime-3.1@3.1.26-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"product_id": "rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-aspnetcore-targeting-pack-3.1@3.1.26-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet@3.1.420-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet-apphost-pack-3.1@3.1.26-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet-host@3.1.26-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet-hostfxr-3.1@3.1.26-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet-runtime-3.1@3.1.26-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet-sdk-3.1@3.1.420-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts@3.1.420-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet-targeting-pack-3.1@3.1.26-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet-templates-3.1@3.1.420-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"product_id": "rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-netstandard-targeting-pack-2.1@3.1.420-1.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"product": {
"name": "rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"product_id": "rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet-debuginfo@3.1.420-1.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"product": {
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"product_id": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-dotnet31-dotnet@3.1.420-1.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src"
},
"product_reference": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src"
},
"product_reference": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Server-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src"
},
"product_reference": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64"
},
"product_reference": "rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-dotNET-3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30184",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2096963"
}
],
"notes": [
{
"category": "description",
"text": ".NET and Visual Studio Information Disclosure Vulnerability",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30184"
},
{
"category": "external",
"summary": "RHBZ#2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/225",
"url": "https://github.com/dotnet/announcements/issues/225"
},
{
"category": "external",
"summary": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184",
"url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184"
}
],
"release_date": "2022-06-14T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7ComputeNode-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5062"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7ComputeNode-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"7ComputeNode-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"7Server-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.src",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-debuginfo-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-host-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-runtime-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-sdk-3.1-source-built-artifacts-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.26-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-dotnet-templates-3.1-0:3.1.420-1.el7_9.x86_64",
"7Workstation-dotNET-3.1:rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.420-1.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain"
}
]
}
rhsa-2022_5046
Vulnerability from csaf_redhat
Published
2022-06-15 08:39
Modified
2024-09-16 08:18
Summary
Red Hat Security Advisory: .NET 6.0 security and bugfix update
Notes
Topic
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.106 and .NET Runtime 6.0.6.
Security Fix(es):
* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": ".NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.\n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.106 and .NET Runtime 6.0.6.\n\nSecurity Fix(es):\n\n* dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:5046",
"url": "https://access.redhat.com/errata/RHSA-2022:5046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_5046.json"
}
],
"title": "Red Hat Security Advisory: .NET 6.0 security and bugfix update",
"tracking": {
"current_release_date": "2024-09-16T08:18:01+00:00",
"generator": {
"date": "2024-09-16T08:18:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:5046",
"initial_release_date": "2022-06-15T08:39:04+00:00",
"revision_history": [
{
"date": "2022-06-15T08:39:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-06-15T08:39:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T08:18:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"product_id": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-runtime-6.0@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"product_id": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-targeting-pack-6.0@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-0:6.0.106-1.el8_6.aarch64",
"product": {
"name": "dotnet-0:6.0.106-1.el8_6.aarch64",
"product_id": "dotnet-0:6.0.106-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet@6.0.106-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"product_id": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "dotnet-host-0:6.0.6-1.el8_6.aarch64",
"product_id": "dotnet-host-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"product_id": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"product_id": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"product": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"product_id": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0@6.0.106-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"product_id": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-targeting-pack-6.0@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"product": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"product_id": "dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-templates-6.0@6.0.106-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"product": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"product_id": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/netstandard-targeting-pack-2.1@6.0.106-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"product": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"product_id": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debugsource@6.0.106-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product_id": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0-debuginfo@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product_id": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host-debuginfo@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product_id": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0-debuginfo@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product_id": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0-debuginfo@6.0.6-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"product": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"product_id": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-debuginfo@6.0.106-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"product": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"product_id": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debuginfo@6.0.106-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"product": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"product_id": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-source-built-artifacts@6.0.106-1.el8_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"product_id": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-runtime-6.0@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"product_id": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-targeting-pack-6.0@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-0:6.0.106-1.el8_6.x86_64",
"product": {
"name": "dotnet-0:6.0.106-1.el8_6.x86_64",
"product_id": "dotnet-0:6.0.106-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet@6.0.106-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"product_id": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "dotnet-host-0:6.0.6-1.el8_6.x86_64",
"product_id": "dotnet-host-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"product_id": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"product_id": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"product": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"product_id": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0@6.0.106-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"product_id": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-targeting-pack-6.0@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"product": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"product_id": "dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-templates-6.0@6.0.106-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64",
"product": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64",
"product_id": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/netstandard-targeting-pack-2.1@6.0.106-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"product": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"product_id": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debugsource@6.0.106-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product_id": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0-debuginfo@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product_id": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host-debuginfo@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product_id": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0-debuginfo@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product_id": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0-debuginfo@6.0.6-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"product": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"product_id": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-debuginfo@6.0.106-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"product": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"product_id": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debuginfo@6.0.106-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"product": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"product_id": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-source-built-artifacts@6.0.106-1.el8_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"product_id": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-runtime-6.0@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"product_id": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aspnetcore-targeting-pack-6.0@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-0:6.0.106-1.el8_6.s390x",
"product": {
"name": "dotnet-0:6.0.106-1.el8_6.s390x",
"product_id": "dotnet-0:6.0.106-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet@6.0.106-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"product_id": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "dotnet-host-0:6.0.6-1.el8_6.s390x",
"product_id": "dotnet-host-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"product_id": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"product_id": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"product": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"product_id": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0@6.0.106-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"product_id": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-targeting-pack-6.0@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"product": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"product_id": "dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-templates-6.0@6.0.106-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"product": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"product_id": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/netstandard-targeting-pack-2.1@6.0.106-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"product": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"product_id": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debugsource@6.0.106-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"product_id": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-apphost-pack-6.0-debuginfo@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"product_id": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-host-debuginfo@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"product_id": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-hostfxr-6.0-debuginfo@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"product": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"product_id": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-runtime-6.0-debuginfo@6.0.6-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"product": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"product_id": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-debuginfo@6.0.106-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"product": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"product_id": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0-debuginfo@6.0.106-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"product": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"product_id": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet-sdk-6.0-source-built-artifacts@6.0.106-1.el8_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dotnet6.0-0:6.0.106-1.el8_6.src",
"product": {
"name": "dotnet6.0-0:6.0.106-1.el8_6.src",
"product_id": "dotnet6.0-0:6.0.106-1.el8_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dotnet6.0@6.0.106-1.el8_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-host-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-host-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-host-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-0:6.0.106-1.el8_6.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el8_6.src"
},
"product_reference": "dotnet6.0-0:6.0.106-1.el8_6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-host-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-host-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-host-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64"
},
"product_reference": "dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-0:6.0.106-1.el8_6.src as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el8_6.src"
},
"product_reference": "dotnet6.0-0:6.0.106-1.el8_6.src",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64"
},
"product_reference": "netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64",
"relates_to_product_reference": "CRB-8.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30184",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2096963"
}
],
"notes": [
{
"category": "description",
"text": ".NET and Visual Studio Information Disclosure Vulnerability",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el8_6.src",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30184"
},
{
"category": "external",
"summary": "RHBZ#2096963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096963"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30184"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/225",
"url": "https://github.com/dotnet/announcements/issues/225"
},
{
"category": "external",
"summary": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184",
"url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30184"
}
],
"release_date": "2022-06-14T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el8_6.src",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:5046"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"AppStream-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:aspnetcore-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-apphost-pack-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-host-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-hostfxr-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-runtime-6.0-debuginfo-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-sdk-6.0-source-built-artifacts-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-targeting-pack-6.0-0:6.0.6-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet-templates-6.0-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-0:6.0.106-1.el8_6.src",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debuginfo-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:dotnet6.0-debugsource-0:6.0.106-1.el8_6.x86_64",
"CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.aarch64",
"CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.s390x",
"CRB-8.6.0.Z.MAIN.EUS:netstandard-targeting-pack-2.1-0:6.0.106-1.el8_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dotnet: NuGet Credential leak due to loss of control of third party symbol server domain"
}
]
}
icsa-23-320-12
Vulnerability from csaf_cisa
Published
2023-11-14 00:00
Modified
2023-11-14 00:00
Summary
Siemens PNI
Notes
Summary
SINEC PNI before V2.0 is affected by multiple vulnerabilities.
Siemens has released an update for SINEC PNI and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SINEC PNI before V2.0 is affected by multiple vulnerabilities.\n\nSiemens has released an update for SINEC PNI and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-150063: Multiple Vulnerabilities in SINEC PNI before V2.0 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-150063.json"
},
{
"category": "self",
"summary": "SSA-150063: Multiple Vulnerabilities in SINEC PNI before V2.0 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-150063.html"
},
{
"category": "self",
"summary": "SSA-150063: Multiple Vulnerabilities in SINEC PNI before V2.0 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-150063.pdf"
},
{
"category": "self",
"summary": "SSA-150063: Multiple Vulnerabilities in SINEC PNI before V2.0 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-150063.txt"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-23-320-12 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-320-12.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-23-320-12 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-12"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens PNI",
"tracking": {
"current_release_date": "2023-11-14T00:00:00Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1"
}
},
"id": "ICSA-23-320-12",
"initial_release_date": "2023-11-14T00:00:00Z",
"revision_history": [
{
"date": "2023-11-14T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.0",
"product": {
"name": "SINEC PNI",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "SINEC PNI"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30184",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET and Visual Studio Information Disclosure Vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-30184"
},
{
"cve": "CVE-2022-37434",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-41032",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NuGet Client Elevation of Privilege Vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-41032"
},
{
"cve": "CVE-2023-21808",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET and Visual Studio Remote Code Execution Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-21808"
},
{
"cve": "CVE-2023-24895",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-24895"
},
{
"cve": "CVE-2023-24897",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-24897"
},
{
"cve": "CVE-2023-24936",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-24936"
},
{
"cve": "CVE-2023-28260",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET DLL Hijacking Remote Code Execution Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-28260"
},
{
"cve": "CVE-2023-29331",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-29331"
},
{
"cve": "CVE-2023-32032",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET and Visual Studio Elevation of Privilege Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-32032"
},
{
"cve": "CVE-2023-33126",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET and Visual Studio Remote Code Execution Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-33126"
},
{
"cve": "CVE-2023-33128",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET and Visual Studio Remote Code Execution Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-33128"
},
{
"cve": "CVE-2023-33135",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": ".NET and Visual Studio Elevation of Privilege Vulnerability",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825079/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-33135"
}
]
}
var-202206-1329
Vulnerability from variot
.NET and Visual Studio Information Disclosure Vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: .NET 6.0 on RHEL 7 security and bugfix update Advisory ID: RHSA-2022:5047-01 Product: .NET Core on Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5047 Issue date: 2022-06-15 CVE Names: CVE-2022-30184 =====================================================================
- Summary:
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.106 and .NET Runtime 6.0.6.
Security Fix(es):
- dotnet: NuGet Credential leak due to loss of control of third party symbol server domain (CVE-2022-30184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
2096963 - CVE-2022-30184 dotnet: NuGet Credential leak due to loss of control of third party symbol server domain
- Package List:
.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):
Source: rh-dotnet60-dotnet-6.0.106-1.el7_9.src.rpm
x86_64: rh-dotnet60-aspnetcore-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-aspnetcore-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-apphost-pack-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-debuginfo-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-host-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-hostfxr-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-sdk-6.0-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-templates-6.0-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-netstandard-targeting-pack-2.1-6.0.106-1.el7_9.x86_64.rpm
.NET Core on Red Hat Enterprise Linux Server (v. 7):
Source: rh-dotnet60-dotnet-6.0.106-1.el7_9.src.rpm
x86_64: rh-dotnet60-aspnetcore-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-aspnetcore-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-apphost-pack-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-debuginfo-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-host-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-hostfxr-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-sdk-6.0-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-templates-6.0-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-netstandard-targeting-pack-2.1-6.0.106-1.el7_9.x86_64.rpm
.NET Core on Red Hat Enterprise Linux Workstation (v. 7):
Source: rh-dotnet60-dotnet-6.0.106-1.el7_9.src.rpm
x86_64: rh-dotnet60-aspnetcore-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-aspnetcore-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-apphost-pack-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-debuginfo-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-host-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-hostfxr-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-sdk-6.0-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm rh-dotnet60-dotnet-templates-6.0-6.0.106-1.el7_9.x86_64.rpm rh-dotnet60-netstandard-targeting-pack-2.1-6.0.106-1.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-30184 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYqnJfdzjgjWX9erEAQixSg/9Hoq+s14tWTzx0rMrWvUraAES1Q29xYk1 LyGo9/aIBmJhfz2etjEEZ6RIeV2ErqUI4NWSSYruwu0qVxZpJURkQHy5t1xS1YSu IL/p1yS89JP7KMWEKeWO4d/btr60m8ug7M2NhbkfOcWhsNrC+mvwkgHtlxmAFEYS SaYVs+gLru9MyYV789WKFDRAV7olWx3ox6xP83t/XQZrZGiTw9HbS5iQKw68K2aG 57ntXel/HBywNLJsT5s+GpGtPTgsaIdTK6nZsp9QfcFCXNsIsVTil8Zh5RKf4z4I X9iFzpBsy8CSG7M3UM0kd45s5vLVKSn96/eDD0DEJG32mm3tJp6zFn4IO4XydqRI GqW58ZfmV81UAFbijvZixh187avuizXDvdZ5WP3u3e5UmqK0XzIaQfBwn+7GYbl2 MPnXLTiqxelK0+2LoiTyfQaHCrwU2JRQu145ueFz+cTktxhJDRvOgkWOACO8+QgG 22gKZHS6oa7i/uBelZMRqimWA7/L8H7hSXixJprWcLJuQV5A5r4A+FBgmcyriGfz bxWj0OOdDMG1JufoK1+xrMmYidzH5XRIrdVN27KD8qgCNKYd3NDwArbymgN+YePe +3KVg9tD1QdwO5fqS9WqWGBVSBDx+YEpBcrSW6IGqtfL4lljSH3diI57Ak/dSfKN hlK/+EEZzSw= =Grls -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, s390x, x86_64
3
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-1329",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nuget",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.2.1"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "visual studio 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "visual studio 2022",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.0.4"
},
{
"model": "visual studio 2019",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "16.0"
},
{
"model": "visual studio 2022",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.0"
},
{
"model": "visual studio 2022",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.2"
},
{
"model": ".net",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.0"
},
{
"model": ".net core",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "3.1"
},
{
"model": "visual studio 2022",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.2.5"
},
{
"model": "visual studio 2019",
"scope": "gte",
"trust": 1.0,
"vendor": "microsoft",
"version": "16.10"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "visual studio 2022",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "17.0.11"
},
{
"model": "visual studio 2019",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "16.9.22"
},
{
"model": "visual studio 2019",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "16.11.6"
},
{
"model": "visual studio 2019 for mac",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "nuget.exe",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "microsoft visual studio",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": ".net",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "visual studio 2022 for mac",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": "17.0"
},
{
"model": ".net core",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"db": "NVD",
"id": "CVE-2022-30184"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.0.4",
"versionStartIncluding": "17.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:.net_core:3.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.11.6",
"versionStartIncluding": "16.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.9.22",
"versionStartIncluding": "16.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.2.5",
"versionStartIncluding": "17.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.0.11",
"versionStartIncluding": "17.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:nuget:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-30184"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "167502"
},
{
"db": "PACKETSTORM",
"id": "167519"
},
{
"db": "PACKETSTORM",
"id": "167505"
},
{
"db": "PACKETSTORM",
"id": "167496"
},
{
"db": "PACKETSTORM",
"id": "167497"
}
],
"trust": 0.5
},
"cve": "CVE-2022-30184",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2022-30184",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "secure@microsoft.com",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2022-001987",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-30184",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "secure@microsoft.com",
"id": "CVE-2022-30184",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-1317",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-30184",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-30184"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"db": "NVD",
"id": "CVE-2022-30184"
},
{
"db": "NVD",
"id": "CVE-2022-30184"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-1317"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": ".NET and Visual Studio Information Disclosure Vulnerability. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: .NET 6.0 on RHEL 7 security and bugfix update\nAdvisory ID: RHSA-2022:5047-01\nProduct: .NET Core on Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:5047\nIssue date: 2022-06-15\nCVE Names: CVE-2022-30184 \n=====================================================================\n\n1. Summary:\n\nAn update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\n.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64\n.NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64\n.NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\n.NET is a managed-software framework. It implements a subset of the .NET\nframework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now\navailable. The updated versions are .NET SDK 6.0.106 and .NET Runtime\n6.0.6. \n\nSecurity Fix(es):\n\n* dotnet: NuGet Credential leak due to loss of control of third party\nsymbol server domain (CVE-2022-30184)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2096963 - CVE-2022-30184 dotnet: NuGet Credential leak due to loss of control of third party symbol server domain\n\n6. Package List:\n\n.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nrh-dotnet60-dotnet-6.0.106-1.el7_9.src.rpm\n\nx86_64:\nrh-dotnet60-aspnetcore-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-aspnetcore-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-apphost-pack-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-debuginfo-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-host-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-hostfxr-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-sdk-6.0-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-templates-6.0-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-netstandard-targeting-pack-2.1-6.0.106-1.el7_9.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-dotnet60-dotnet-6.0.106-1.el7_9.src.rpm\n\nx86_64:\nrh-dotnet60-aspnetcore-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-aspnetcore-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-apphost-pack-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-debuginfo-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-host-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-hostfxr-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-sdk-6.0-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-templates-6.0-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-netstandard-targeting-pack-2.1-6.0.106-1.el7_9.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-dotnet60-dotnet-6.0.106-1.el7_9.src.rpm\n\nx86_64:\nrh-dotnet60-aspnetcore-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-aspnetcore-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-apphost-pack-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-debuginfo-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-host-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-hostfxr-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-runtime-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-sdk-6.0-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-sdk-6.0-source-built-artifacts-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-targeting-pack-6.0-6.0.6-1.el7_9.x86_64.rpm\nrh-dotnet60-dotnet-templates-6.0-6.0.106-1.el7_9.x86_64.rpm\nrh-dotnet60-netstandard-targeting-pack-2.1-6.0.106-1.el7_9.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2022-30184\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYqnJfdzjgjWX9erEAQixSg/9Hoq+s14tWTzx0rMrWvUraAES1Q29xYk1\nLyGo9/aIBmJhfz2etjEEZ6RIeV2ErqUI4NWSSYruwu0qVxZpJURkQHy5t1xS1YSu\nIL/p1yS89JP7KMWEKeWO4d/btr60m8ug7M2NhbkfOcWhsNrC+mvwkgHtlxmAFEYS\nSaYVs+gLru9MyYV789WKFDRAV7olWx3ox6xP83t/XQZrZGiTw9HbS5iQKw68K2aG\n57ntXel/HBywNLJsT5s+GpGtPTgsaIdTK6nZsp9QfcFCXNsIsVTil8Zh5RKf4z4I\nX9iFzpBsy8CSG7M3UM0kd45s5vLVKSn96/eDD0DEJG32mm3tJp6zFn4IO4XydqRI\nGqW58ZfmV81UAFbijvZixh187avuizXDvdZ5WP3u3e5UmqK0XzIaQfBwn+7GYbl2\nMPnXLTiqxelK0+2LoiTyfQaHCrwU2JRQu145ueFz+cTktxhJDRvOgkWOACO8+QgG\n22gKZHS6oa7i/uBelZMRqimWA7/L8H7hSXixJprWcLJuQV5A5r4A+FBgmcyriGfz\nbxWj0OOdDMG1JufoK1+xrMmYidzH5XRIrdVN27KD8qgCNKYd3NDwArbymgN+YePe\n+3KVg9tD1QdwO5fqS9WqWGBVSBDx+YEpBcrSW6IGqtfL4lljSH3diI57Ak/dSfKN\nhlK/+EEZzSw=\n=Grls\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, s390x, x86_64\n\n3",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-30184"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"db": "VULMON",
"id": "CVE-2022-30184"
},
{
"db": "PACKETSTORM",
"id": "167502"
},
{
"db": "PACKETSTORM",
"id": "167519"
},
{
"db": "PACKETSTORM",
"id": "167505"
},
{
"db": "PACKETSTORM",
"id": "167496"
},
{
"db": "PACKETSTORM",
"id": "167497"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-30184",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001987",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167519",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167496",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2022072010",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202206-1317",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-23-320-12",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-30184",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167502",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167505",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167497",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-30184"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"db": "PACKETSTORM",
"id": "167502"
},
{
"db": "PACKETSTORM",
"id": "167519"
},
{
"db": "PACKETSTORM",
"id": "167505"
},
{
"db": "PACKETSTORM",
"id": "167496"
},
{
"db": "PACKETSTORM",
"id": "167497"
},
{
"db": "NVD",
"id": "CVE-2022-30184"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-1317"
}
]
},
"id": "VAR-202206-1329",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.21178882
},
"last_update_date": "2023-12-21T20:46:36.704000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": ".NET\u00a0and\u00a0Visual\u00a0Studio\u00a0Information\u00a0Disclosure\u00a0Vulnerability Security Update Guide",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2022-30184"
},
{
"title": "Microsoft .NET Core and Microsoft Visual Studio Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=198109"
},
{
"title": "Red Hat: Moderate: .NET 6.0 security and bugfix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20225046 - security advisory"
},
{
"title": "Red Hat: Moderate: .NET Core 3.1 security and bugfix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20225061 - security advisory"
},
{
"title": "Red Hat: Moderate: .NET Core 3.1 on RHEL 7 security and bugfix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20225062 - security advisory"
},
{
"title": "Red Hat: Moderate: .NET 6.0 security and bugfix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20225050 - security advisory"
},
{
"title": "Red Hat: Moderate: .NET 6.0 on RHEL 7 security and bugfix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20225047 - security advisory"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2022-30184 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-30184"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-1317"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"db": "NVD",
"id": "CVE-2022-30184"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30184"
},
{
"trust": 1.7,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2022-30184"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xwnh4ac3lfvx35mdrx5obzdgd2amh66k/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/dmp34g53ea2dbtblfoaqcdzrrene2ea2/"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30184"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20220615-ms.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2022/at220016.html"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/dmp34g53ea2dbtblfoaqcdzrrene2ea2/"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xwnh4ac3lfvx35mdrx5obzdgd2amh66k/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167519/red-hat-security-advisory-2022-5050-01.html"
},
{
"trust": 0.6,
"url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-30184"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-30184/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb20220720108"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167496/red-hat-security-advisory-2022-5047-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/microsoft-visual-studio-information-disclosure-38587"
},
{
"trust": 0.5,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/errata/rhsa-2022:5046"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2022-30184"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-12"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5061"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5050"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5062"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5047"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-30184"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"db": "PACKETSTORM",
"id": "167502"
},
{
"db": "PACKETSTORM",
"id": "167519"
},
{
"db": "PACKETSTORM",
"id": "167505"
},
{
"db": "PACKETSTORM",
"id": "167496"
},
{
"db": "PACKETSTORM",
"id": "167497"
},
{
"db": "NVD",
"id": "CVE-2022-30184"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-1317"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-30184"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"db": "PACKETSTORM",
"id": "167502"
},
{
"db": "PACKETSTORM",
"id": "167519"
},
{
"db": "PACKETSTORM",
"id": "167505"
},
{
"db": "PACKETSTORM",
"id": "167496"
},
{
"db": "PACKETSTORM",
"id": "167497"
},
{
"db": "NVD",
"id": "CVE-2022-30184"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-1317"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-15T00:00:00",
"db": "VULMON",
"id": "CVE-2022-30184"
},
{
"date": "2022-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"date": "2022-06-20T00:29:48",
"db": "PACKETSTORM",
"id": "167502"
},
{
"date": "2022-06-20T00:57:46",
"db": "PACKETSTORM",
"id": "167519"
},
{
"date": "2022-06-20T00:35:41",
"db": "PACKETSTORM",
"id": "167505"
},
{
"date": "2022-06-20T00:21:50",
"db": "PACKETSTORM",
"id": "167496"
},
{
"date": "2022-06-20T00:22:04",
"db": "PACKETSTORM",
"id": "167497"
},
{
"date": "2022-06-15T22:15:15.370000",
"db": "NVD",
"id": "CVE-2022-30184"
},
{
"date": "2022-06-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-1317"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-30184"
},
{
"date": "2022-06-30T06:36:00",
"db": "JVNDB",
"id": "JVNDB-2022-001987"
},
{
"date": "2023-12-20T22:15:26.597000",
"db": "NVD",
"id": "CVE-2022-30184"
},
{
"date": "2022-07-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-1317"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-1317"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Microsoft\u00a0 A vulnerability in which information is disclosed in a product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001987"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-1317"
}
],
"trust": 0.6
}
}
Loading...