Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/Microsoft.AspNetCore.App@2.1.0
Typenuget
Namespace
NameMicrosoft.AspNetCore.App
Version2.1.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.1.22
Latest_non_vulnerable_version2.2.6
Affected_by_vulnerabilities
0
url VCID-1gtv-nubh-73a9
vulnerability_id VCID-1gtv-nubh-73a9
summary Microsoft Security Advisory CVE-2019-0564: ASP.NET Core Denial of Service Vulnerability
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:0040
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0040
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0564.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0564.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0564
reference_id
reference_type
scores
0
value 0.07639
scoring_system epss
scoring_elements 0.91856
published_at 2026-04-04T12:55:00Z
1
value 0.07639
scoring_system epss
scoring_elements 0.9185
published_at 2026-04-02T12:55:00Z
2
value 0.07639
scoring_system epss
scoring_elements 0.91841
published_at 2026-04-01T12:55:00Z
3
value 0.07668
scoring_system epss
scoring_elements 0.91912
published_at 2026-04-21T12:55:00Z
4
value 0.07668
scoring_system epss
scoring_elements 0.91882
published_at 2026-04-07T12:55:00Z
5
value 0.07668
scoring_system epss
scoring_elements 0.91895
published_at 2026-04-08T12:55:00Z
6
value 0.07668
scoring_system epss
scoring_elements 0.919
published_at 2026-04-13T12:55:00Z
7
value 0.07668
scoring_system epss
scoring_elements 0.91904
published_at 2026-04-12T12:55:00Z
8
value 0.07668
scoring_system epss
scoring_elements 0.91919
published_at 2026-04-16T12:55:00Z
9
value 0.07668
scoring_system epss
scoring_elements 0.91915
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0564
3
reference_url https://github.com/aspnet/Announcements/issues/334
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/334
4
reference_url https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/issues/302
5
reference_url http://www.securityfocus.com/bid/106413
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106413
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1660634
reference_id 1660634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1660634
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0564
reference_id CVE-2019-0564
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0564
9
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0564
reference_id CVE-2019-0564
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0564
10
reference_url https://github.com/advisories/GHSA-6px8-22w5-w334
reference_id GHSA-6px8-22w5-w334
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6px8-22w5-w334
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.App@2.1.7
purl pkg:nuget/Microsoft.AspNetCore.App@2.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-41c2-23ch-x7ft
1
vulnerability VCID-9zu6-5d4v-f3ht
2
vulnerability VCID-fm28-azef-buh6
3
vulnerability VCID-j761-wgke-97d8
4
vulnerability VCID-n3cs-wjun-vfhe
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.1.7
1
url pkg:nuget/Microsoft.AspNetCore.App@2.2.1
purl pkg:nuget/Microsoft.AspNetCore.App@2.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-41c2-23ch-x7ft
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.2.1
aliases CVE-2019-0564, GHSA-6px8-22w5-w334
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1gtv-nubh-73a9
1
url VCID-41c2-23ch-x7ft
vulnerability_id VCID-41c2-23ch-x7ft
summary 
URL Redirection to Untrusted Site ('Open Redirect')
A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1075
reference_id
reference_type
scores
0
value 0.00417
scoring_system epss
scoring_elements 0.61692
published_at 2026-04-07T12:55:00Z
1
value 0.00417
scoring_system epss
scoring_elements 0.61777
published_at 2026-04-21T12:55:00Z
2
value 0.00417
scoring_system epss
scoring_elements 0.61794
published_at 2026-04-18T12:55:00Z
3
value 0.00417
scoring_system epss
scoring_elements 0.61788
published_at 2026-04-16T12:55:00Z
4
value 0.00417
scoring_system epss
scoring_elements 0.61746
published_at 2026-04-13T12:55:00Z
5
value 0.00417
scoring_system epss
scoring_elements 0.61765
published_at 2026-04-12T12:55:00Z
6
value 0.00417
scoring_system epss
scoring_elements 0.61778
published_at 2026-04-11T12:55:00Z
7
value 0.00417
scoring_system epss
scoring_elements 0.61756
published_at 2026-04-09T12:55:00Z
8
value 0.00417
scoring_system epss
scoring_elements 0.61617
published_at 2026-04-01T12:55:00Z
9
value 0.00417
scoring_system epss
scoring_elements 0.61691
published_at 2026-04-02T12:55:00Z
10
value 0.00417
scoring_system epss
scoring_elements 0.61741
published_at 2026-04-08T12:55:00Z
11
value 0.00417
scoring_system epss
scoring_elements 0.61721
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1075
1
reference_url https://github.com/aspnet/Announcements/issues/373
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/373
2
reference_url https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/issues/302
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-1075
reference_id CVE-2019-1075
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-1075
4
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1075
reference_id CVE-2019-1075
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1075
5
reference_url https://github.com/advisories/GHSA-prrf-397v-83xh
reference_id GHSA-prrf-397v-83xh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-prrf-397v-83xh
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.App@2.1.12
purl pkg:nuget/Microsoft.AspNetCore.App@2.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9zu6-5d4v-f3ht
1
vulnerability VCID-fm28-azef-buh6
2
vulnerability VCID-j761-wgke-97d8
3
vulnerability VCID-n3cs-wjun-vfhe
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.1.12
1
url pkg:nuget/Microsoft.AspNetCore.App@2.2.6
purl pkg:nuget/Microsoft.AspNetCore.App@2.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.2.6
aliases CVE-2019-1075, GHSA-prrf-397v-83xh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-41c2-23ch-x7ft
2
url VCID-9zu6-5d4v-f3ht
vulnerability_id VCID-9zu6-5d4v-f3ht
summary Microsoft Security Advisory CVE-2020-0603 : ASP.NET Core Remote Code Execution Vulnerability
references
0
reference_url https://access.redhat.com/errata/RHSA-2020:0130
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0130
1
reference_url https://access.redhat.com/errata/RHSA-2020:0134
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0134
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0603.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0603.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-0603
reference_id
reference_type
scores
0
value 0.10785
scoring_system epss
scoring_elements 0.93366
published_at 2026-04-16T12:55:00Z
1
value 0.10785
scoring_system epss
scoring_elements 0.93318
published_at 2026-04-01T12:55:00Z
2
value 0.10785
scoring_system epss
scoring_elements 0.93326
published_at 2026-04-02T12:55:00Z
3
value 0.10785
scoring_system epss
scoring_elements 0.93348
published_at 2026-04-13T12:55:00Z
4
value 0.10785
scoring_system epss
scoring_elements 0.93333
published_at 2026-04-04T12:55:00Z
5
value 0.10785
scoring_system epss
scoring_elements 0.93332
published_at 2026-04-07T12:55:00Z
6
value 0.10785
scoring_system epss
scoring_elements 0.9334
published_at 2026-04-08T12:55:00Z
7
value 0.10785
scoring_system epss
scoring_elements 0.93349
published_at 2026-04-11T12:55:00Z
8
value 0.10785
scoring_system epss
scoring_elements 0.93345
published_at 2026-04-09T12:55:00Z
9
value 0.10785
scoring_system epss
scoring_elements 0.93378
published_at 2026-04-21T12:55:00Z
10
value 0.10785
scoring_system epss
scoring_elements 0.93371
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-0603
4
reference_url https://github.com/aspnet/Announcements/issues/403
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/403
5
reference_url https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/issues/302
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-0603
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-0603
7
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1789624
reference_id 1789624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1789624
9
reference_url https://github.com/advisories/GHSA-655q-9gvg-q4cm
reference_id GHSA-655q-9gvg-q4cm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-655q-9gvg-q4cm
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.App@2.1.15
purl pkg:nuget/Microsoft.AspNetCore.App@2.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j761-wgke-97d8
1
vulnerability VCID-n3cs-wjun-vfhe
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.1.15
1
url pkg:nuget/Microsoft.AspNetCore.App@3.0.1
purl pkg:nuget/Microsoft.AspNetCore.App@3.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@3.0.1
2
url pkg:nuget/Microsoft.AspNetCore.App@3.1.1
purl pkg:nuget/Microsoft.AspNetCore.App@3.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@3.1.1
aliases CVE-2020-0603, GHSA-655q-9gvg-q4cm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9zu6-5d4v-f3ht
3
url VCID-ct2x-rftj-tydp
vulnerability_id VCID-ct2x-rftj-tydp
summary 
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.App, and Microsoft.AspNetCore.Server.Kestrel.Core
Microsoft is aware of a denial of service vulnerability in ASP.NET Core when a malformed request is terminated. An attacker who successfully exploited this vulnerability could cause a denial of service attack.

The update addresses the vulnerability by correcting how ASP.NET Core handles such requests.
references
0
reference_url https://github.com/aspnet/Announcements/issues/311
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/311
1
reference_url https://github.com/advisories/GHSA-cgpw-2gph-2r9g
reference_id GHSA-cgpw-2gph-2r9g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-cgpw-2gph-2r9g
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.App@2.1.2
purl pkg:nuget/Microsoft.AspNetCore.App@2.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gtv-nubh-73a9
1
vulnerability VCID-41c2-23ch-x7ft
2
vulnerability VCID-9zu6-5d4v-f3ht
3
vulnerability VCID-fm28-azef-buh6
4
vulnerability VCID-j761-wgke-97d8
5
vulnerability VCID-n3cs-wjun-vfhe
6
vulnerability VCID-z54f-eupv-n7be
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.1.2
aliases GHSA-cgpw-2gph-2r9g, GMS-2018-36, GMS-2018-38, GMS-2018-44
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ct2x-rftj-tydp
4
url VCID-fm28-azef-buh6
vulnerability_id VCID-fm28-azef-buh6
summary 
Denial of service in ASP.NET Core
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
references
0
reference_url https://access.redhat.com/errata/RHSA-2020:0130
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0130
1
reference_url https://access.redhat.com/errata/RHSA-2020:0134
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0134
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0602.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0602.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-0602
reference_id
reference_type
scores
0
value 0.04034
scoring_system epss
scoring_elements 0.88495
published_at 2026-04-13T12:55:00Z
1
value 0.04034
scoring_system epss
scoring_elements 0.88441
published_at 2026-04-01T12:55:00Z
2
value 0.04034
scoring_system epss
scoring_elements 0.88449
published_at 2026-04-02T12:55:00Z
3
value 0.04034
scoring_system epss
scoring_elements 0.88503
published_at 2026-04-21T12:55:00Z
4
value 0.04034
scoring_system epss
scoring_elements 0.88464
published_at 2026-04-04T12:55:00Z
5
value 0.04034
scoring_system epss
scoring_elements 0.88467
published_at 2026-04-07T12:55:00Z
6
value 0.04034
scoring_system epss
scoring_elements 0.88492
published_at 2026-04-09T12:55:00Z
7
value 0.04034
scoring_system epss
scoring_elements 0.88486
published_at 2026-04-08T12:55:00Z
8
value 0.04034
scoring_system epss
scoring_elements 0.88506
published_at 2026-04-18T12:55:00Z
9
value 0.04034
scoring_system epss
scoring_elements 0.88509
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-0602
4
reference_url https://github.com/aspnet/Announcements/issues/402
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/402
5
reference_url https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/issues/302
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-0602
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-0602
7
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0602
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0602
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1789623
reference_id 1789623
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1789623
9
reference_url https://github.com/advisories/GHSA-23cv-jh4v-vffm
reference_id GHSA-23cv-jh4v-vffm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-23cv-jh4v-vffm
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.App@2.1.15
purl pkg:nuget/Microsoft.AspNetCore.App@2.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j761-wgke-97d8
1
vulnerability VCID-n3cs-wjun-vfhe
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.1.15
1
url pkg:nuget/Microsoft.AspNetCore.App@3.0.1
purl pkg:nuget/Microsoft.AspNetCore.App@3.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@3.0.1
2
url pkg:nuget/Microsoft.AspNetCore.App@3.1.1
purl pkg:nuget/Microsoft.AspNetCore.App@3.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@3.1.1
aliases CVE-2020-0602, GHSA-23cv-jh4v-vffm
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fm28-azef-buh6
5
url VCID-j761-wgke-97d8
vulnerability_id VCID-j761-wgke-97d8
summary A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka `ASP.NET Core Denial of Service Vulnerability`.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1597.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1597.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1597
reference_id
reference_type
scores
0
value 0.07555
scoring_system epss
scoring_elements 0.91845
published_at 2026-04-21T12:55:00Z
1
value 0.07555
scoring_system epss
scoring_elements 0.91835
published_at 2026-04-12T12:55:00Z
2
value 0.07555
scoring_system epss
scoring_elements 0.91851
published_at 2026-04-16T12:55:00Z
3
value 0.07555
scoring_system epss
scoring_elements 0.91831
published_at 2026-04-13T12:55:00Z
4
value 0.07555
scoring_system epss
scoring_elements 0.91788
published_at 2026-04-01T12:55:00Z
5
value 0.07555
scoring_system epss
scoring_elements 0.91796
published_at 2026-04-02T12:55:00Z
6
value 0.07555
scoring_system epss
scoring_elements 0.91802
published_at 2026-04-04T12:55:00Z
7
value 0.07555
scoring_system epss
scoring_elements 0.9181
published_at 2026-04-07T12:55:00Z
8
value 0.07555
scoring_system epss
scoring_elements 0.91823
published_at 2026-04-08T12:55:00Z
9
value 0.07555
scoring_system epss
scoring_elements 0.91829
published_at 2026-04-09T12:55:00Z
10
value 0.07555
scoring_system epss
scoring_elements 0.91833
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1597
2
reference_url https://github.com/dotnet/announcements/issues/162
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/announcements/issues/162
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1597
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1597
12
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1861110
reference_id 1861110
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1861110
14
reference_url https://github.com/advisories/GHSA-f8qx-mjcq-wfgx
reference_id GHSA-f8qx-mjcq-wfgx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f8qx-mjcq-wfgx
15
reference_url https://access.redhat.com/errata/RHSA-2020:3421
reference_id RHSA-2020:3421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3421
16
reference_url https://access.redhat.com/errata/RHSA-2020:3422
reference_id RHSA-2020:3422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3422
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.App@2.1.21
purl pkg:nuget/Microsoft.AspNetCore.App@2.1.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n3cs-wjun-vfhe
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.1.21
aliases CVE-2020-1597, GHSA-f8qx-mjcq-wfgx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j761-wgke-97d8
6
url VCID-n3cs-wjun-vfhe
vulnerability_id VCID-n3cs-wjun-vfhe
summary 
Cookie parsing failure
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names., aka 'Microsoft ASP.NET Core Security Feature Bypass Vulnerability'.
references
0
reference_url https://access.redhat.com/errata/RHSA-2020:3699
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/
url https://access.redhat.com/errata/RHSA-2020:3699
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1045.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1045.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1045
reference_id
reference_type
scores
0
value 0.20401
scoring_system epss
scoring_elements 0.95537
published_at 2026-04-11T12:55:00Z
1
value 0.20401
scoring_system epss
scoring_elements 0.95533
published_at 2026-04-09T12:55:00Z
2
value 0.20401
scoring_system epss
scoring_elements 0.9553
published_at 2026-04-08T12:55:00Z
3
value 0.20401
scoring_system epss
scoring_elements 0.95524
published_at 2026-04-07T12:55:00Z
4
value 0.20401
scoring_system epss
scoring_elements 0.9552
published_at 2026-04-04T12:55:00Z
5
value 0.20401
scoring_system epss
scoring_elements 0.95505
published_at 2026-04-01T12:55:00Z
6
value 0.20401
scoring_system epss
scoring_elements 0.95555
published_at 2026-04-21T12:55:00Z
7
value 0.20401
scoring_system epss
scoring_elements 0.95549
published_at 2026-04-16T12:55:00Z
8
value 0.20401
scoring_system epss
scoring_elements 0.9554
published_at 2026-04-13T12:55:00Z
9
value 0.20401
scoring_system epss
scoring_elements 0.95539
published_at 2026-04-12T12:55:00Z
10
value 0.20401
scoring_system epss
scoring_elements 0.95514
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1045
3
reference_url https://github.com/dotnet/announcements/issues/165
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/announcements/issues/165
4
reference_url https://github.com/dotnet/aspnetcore/issues/25701
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/aspnetcore/issues/25701
5
reference_url https://github.com/dotnet/aspnetcore/issues/25701#issuecomment-689434477
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/aspnetcore/issues/25701#issuecomment-689434477
6
reference_url https://github.com/dotnet/aspnetcore/pull/24264
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/aspnetcore/pull/24264
7
reference_url https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/
url https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318
8
reference_url https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/issues/302
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1045
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1045
16
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045
17
reference_url https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/
url https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1873451
reference_id 1873451
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1873451
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/
reference_id 5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/
reference_id ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*
23
reference_url https://github.com/advisories/GHSA-hxrm-9w7p-39cc
reference_id GHSA-hxrm-9w7p-39cc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hxrm-9w7p-39cc
24
reference_url https://access.redhat.com/errata/RHSA-2020:3697
reference_id RHSA-2020:3697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3697
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.App@2.1.22
purl pkg:nuget/Microsoft.AspNetCore.App@2.1.22
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.1.22
aliases CVE-2020-1045, GHSA-hxrm-9w7p-39cc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n3cs-wjun-vfhe
7
url VCID-z54f-eupv-n7be
vulnerability_id VCID-z54f-eupv-n7be
summary Microsoft Security Advisory CVE-2018-8409: ASP.NET Core Denial Of Service Vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8409.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8409.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8409
reference_id
reference_type
scores
0
value 0.1435
scoring_system epss
scoring_elements 0.94434
published_at 2026-04-21T12:55:00Z
1
value 0.1435
scoring_system epss
scoring_elements 0.94381
published_at 2026-04-02T12:55:00Z
2
value 0.1435
scoring_system epss
scoring_elements 0.94392
published_at 2026-04-04T12:55:00Z
3
value 0.1435
scoring_system epss
scoring_elements 0.94393
published_at 2026-04-07T12:55:00Z
4
value 0.1435
scoring_system epss
scoring_elements 0.94403
published_at 2026-04-08T12:55:00Z
5
value 0.1435
scoring_system epss
scoring_elements 0.94407
published_at 2026-04-09T12:55:00Z
6
value 0.1435
scoring_system epss
scoring_elements 0.94409
published_at 2026-04-11T12:55:00Z
7
value 0.1435
scoring_system epss
scoring_elements 0.9441
published_at 2026-04-13T12:55:00Z
8
value 0.1435
scoring_system epss
scoring_elements 0.94425
published_at 2026-04-16T12:55:00Z
9
value 0.1435
scoring_system epss
scoring_elements 0.94431
published_at 2026-04-18T12:55:00Z
10
value 0.1435
scoring_system epss
scoring_elements 0.94373
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8409
2
reference_url https://github.com/aspnet/Announcements/issues/316
reference_id
reference_type
scores
url https://github.com/aspnet/Announcements/issues/316
3
reference_url https://github.com/dotnet/announcements/issues/83
reference_id
reference_type
scores
url https://github.com/dotnet/announcements/issues/83
4
reference_url http://www.securityfocus.com/bid/105223
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/105223
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1626263
reference_id 1626263
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1626263
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8409
reference_id CVE-2018-8409
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8409
7
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8409
reference_id CVE-2018-8409
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8409
8
reference_url https://github.com/advisories/GHSA-j378-6mmw-hqfr
reference_id GHSA-j378-6mmw-hqfr
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-j378-6mmw-hqfr
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.App@2.1.4
purl pkg:nuget/Microsoft.AspNetCore.App@2.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gtv-nubh-73a9
1
vulnerability VCID-41c2-23ch-x7ft
2
vulnerability VCID-9zu6-5d4v-f3ht
3
vulnerability VCID-fm28-azef-buh6
4
vulnerability VCID-j761-wgke-97d8
5
vulnerability VCID-n3cs-wjun-vfhe
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.1.4
aliases CVE-2018-8409, GHSA-j378-6mmw-hqfr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z54f-eupv-n7be
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App@2.1.0