CVE Details
| CVE ID |
Severity |
Affected Package |
Installed Version |
Fixed Version |
Date Published |
Date of Scan |
| CVE-2025-55248 |
MEDIUM |
Microsoft.NETCore.App.Runtime.linux-x64 |
9.0.9 |
9.0.10, 8.0.21 |
2025-10-14T17:15:44.787Z |
2025-11-07T10:18:18.627065054Z |
Affected Docker Images
| Image Name |
SHA |
public.ecr.aws/lambda/dotnet:latest |
public.ecr.aws/lambda/dotnet@sha256:79d80af018618231f3e5c59df8a0672b1914e40a6cb0740170987400e04a99f1 |
public.ecr.aws/lambda/dotnet:9 |
public.ecr.aws/lambda/dotnet@sha256:79d80af018618231f3e5c59df8a0672b1914e40a6cb0740170987400e04a99f1 |
public.ecr.aws/lambda/dotnet:8 |
public.ecr.aws/lambda/dotnet@sha256:c48f1dccf5e15c52d3ff2685a4627bbe3ce09177b7e5480c0c12e0f5b1d75269 |
Description
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
Remediation Steps
- Update the affected package
Microsoft.NETCore.App.Runtime.linux-x64 from version 9.0.9 to 9.0.10, 8.0.21.
About this issue
- This issue may not contain all the information about the CVE nor the images it affects.
- This issue will not be updated with new information and the list of affected images may have changed since the creation of this issue.
- For more, visit Lambda Watchdog.
- This issue was created automatically by Lambda Watchdog.
