CVE-2025-30399

Publication date 10 June 2025

Last updated 11 June 2025

Ubuntu priority

Why this priority?

Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
dotnet6	25.04 plucky	Not in release
	24.10 oracular	Not in release
	24.04 LTS noble	Not in release
	22.04 LTS jammy	Not affected
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
dotnet7	25.04 plucky	Not in release
	24.10 oracular	Not in release
	24.04 LTS noble	Not in release
	22.04 LTS jammy	Ignored see notes
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
dotnet8	25.04 plucky	Fixed 8.0.117-8.0.17-0ubuntu1~25.04.1
	24.10 oracular	Fixed 8.0.117-8.0.17-0ubuntu1~24.10.1
	24.04 LTS noble	Fixed 8.0.117-8.0.17-0ubuntu1~24.04.1
	22.04 LTS jammy	Fixed 8.0.117-8.0.17-0ubuntu1~22.04.1
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
dotnet9	25.04 plucky	Fixed 9.0.107-9.0.6-0ubuntu1~25.04.1
	24.10 oracular	Fixed 9.0.107-9.0.6-0ubuntu1~24.10.1
	24.04 LTS noble	Not in release
	22.04 LTS jammy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release

Notes

iconstantin

.NET 7 is end of life upstream.

References

Related Ubuntu Security Notices (USN)

USN-7563-1
.NET vulnerability
10 June 2025

Other references