What is RHBA-2025:0304?

RHBA-2025:0304 is a security advisory published by Red Hat Product Security with High severity. Red Hat Bug Fix Advisory: .NET 8.0 bug fix and enhancement update

Which CVE IDs does RHBA-2025:0304 cover?

RHBA-2025:0304 covers the following CVE IDs: CVE-2024-11831, CVE-2025-21172, CVE-2025-21173, CVE-2025-21176. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHBA-2025:0304?

RHBA-2025:0304 has a CVSS v3 base score of 8.8, published by Red Hat Product Security.

RHBA-2025:0304HighCVSS 8.8

Red Hat Bug Fix Advisory: .NET 8.0 bug fix and enhancement update

Vendor

Red Hat Product Security

Published

January 14, 2025

Last Modified

June 2, 2026

🔗 CVE IDs covered (4)

CVE-2024-11831 →CVE-2025-21172 →CVE-2025-21173 →CVE-2025-21176 →

📋 Description

CVE-2024-11831 — npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript CVE-2025-21172 — dotnet: .NET and Visual Studio Remote Code Execution Vulnerability CVE-2025-21173 — dotnet: .NET Elevation of Privilege Vulnerability CVE-2025-21176 — dotnet: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

🔗 References (2)

selfhttps://access.redhat.com/errata/RHBA-2025:0304
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhba-2025_0304.json