Skip to content

Commit 0eb8854

Browse files
rbhandarbhanda
authored
Revise CVE references in release notes (dotnet#10335)
* Revise CVE references in release notes Updated CVE links for versions 8.0.25 and 8.0.24. * Update CVE links in release notes for version 10.0 * Update cve.md * Update cve.md * Update cve.md
1 parent 73d2535 commit 0eb8854

3 files changed

Lines changed: 9 additions & 9 deletions

File tree

release-notes/10.0/cve.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,11 +11,11 @@ Your app may be vulnerable to the following published security [CVEs](https://ww
1111
- 10.0.5 (March 2026)
1212
- No new CVEs
1313
- 10.0.4 (March 2026)
14-
- [CVE-2026-26130](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26130)
15-
- [CVE-2026-26127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26127)
16-
- [CVE-2026-26131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26131)
14+
- [CVE-2026-26130 | .NET Denial of Service Vulnerability ](https://github.com/dotnet/announcements/issues/385)
15+
- [CVE-2026-26127 | .NET Denial of Service Vulnerability](https://github.com/dotnet/announcements/issues/384)
16+
- [CVE-2026-26131 | .NET Elevation of Privilege Vulnerability](https://github.com/dotnet/announcements/issues/386)
1717
- 10.0.3 (February 2026)
18-
- [CVE-2026-21218 | .NET Security Feature Bypass Vulnerability](https://github.com/dotnet/announcements/issues/xxx)
18+
- [CVE-2026-21218 | .NET Security Feature Bypass Vulnerability](https://github.com/dotnet/announcements/issues/380)
1919
- 10.0.2 (January 2026)
2020
- No new CVEs
2121
- 10.0.1 (December 2025)

release-notes/8.0/cve.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,9 @@ Your app needs to be on the latest .NET 8 patch version to be secure. The longer
99
Your app may be vulnerable to the following published security [CVEs](https://www.cve.org/) if you are using an older version.
1010

1111
- 8.0.25 (March 2026)
12-
- [CVE-2026-26130](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26130)
12+
- [CVE-2026-26130 | .NET Denial of Service Vulnerability](https://github.com/dotnet/announcements/issues/385)
1313
- 8.0.24 (February 2026)
14-
- [CVE-2026-21218 | .NET Security Feature Bypass Vulnerability](https://github.com/dotnet/announcements/issues/xxx)
14+
- [CVE-2026-21218 | .NET Security Feature Bypass Vulnerability](https://github.com/dotnet/announcements/issues/380)
1515
- 8.0.23 (January 2026)
1616
- No new CVEs.
1717
- 8.0.22 (November 2025)

release-notes/9.0/cve.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -9,10 +9,10 @@ Your app needs to be on the latest .NET 9 patch version to be secure. The longer
99
Your app may be vulnerable to the following published security [CVEs](https://www.cve.org/) if you are using an older version.
1010

1111
- 9.0.14 (March 2026)
12-
- [CVE-2026-26130](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26130)
13-
- [CVE-2026-26127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26127)
12+
- [CVE-2026-26130 | .NET Denial of Service Vulnerability](https://github.com/dotnet/announcements/issues/385)
13+
- [CVE-2026-26127 | .NET Denial of Service Vulnerability](https://github.com/dotnet/announcements/issues/384)
1414
- 9.0.13 (February 2026)
15-
- [CVE-2026-21218 | .NET Security Feature Bypass Vulnerability](https://github.com/dotnet/announcements/issues/xxx)
15+
- [CVE-2026-21218 | .NET Security Feature Bypass Vulnerability](https://github.com/dotnet/announcements/issues/380)
1616
- 9.0.12 (January 2026)
1717
- No new CVEs.
1818
- 9.0.11 (November 2025)

0 commit comments

Comments
 (0)