Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/Microsoft.AspNetCore.All@2.0.3
Typenuget
Namespace
NameMicrosoft.AspNetCore.All
Version2.0.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.1.30
Latest_non_vulnerable_version2.1.30
Affected_by_vulnerabilities
0
url VCID-ct2x-rftj-tydp
vulnerability_id VCID-ct2x-rftj-tydp
summary 
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.App, and Microsoft.AspNetCore.Server.Kestrel.Core
Microsoft is aware of a denial of service vulnerability in ASP.NET Core when a malformed request is terminated. An attacker who successfully exploited this vulnerability could cause a denial of service attack.

The update addresses the vulnerability by correcting how ASP.NET Core handles such requests.
references
0
reference_url https://github.com/aspnet/Announcements/issues/311
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/311
1
reference_url https://github.com/advisories/GHSA-cgpw-2gph-2r9g
reference_id GHSA-cgpw-2gph-2r9g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-cgpw-2gph-2r9g
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.9
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.9
1
url pkg:nuget/Microsoft.AspNetCore.All@2.1.2
purl pkg:nuget/Microsoft.AspNetCore.All@2.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gtv-nubh-73a9
1
vulnerability VCID-aqyy-zs6z-v7ar
2
vulnerability VCID-cja1-29th-9qbf
3
vulnerability VCID-j761-wgke-97d8
4
vulnerability VCID-mrdj-nvz7-xyet
5
vulnerability VCID-n3cs-wjun-vfhe
6
vulnerability VCID-pa95-mtgb-yuf2
7
vulnerability VCID-wzeg-jdcg-tfct
8
vulnerability VCID-z54f-eupv-n7be
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.2
aliases GHSA-cgpw-2gph-2r9g, GMS-2018-36, GMS-2018-38, GMS-2018-44
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ct2x-rftj-tydp
1
url VCID-vyrd-u846-8kdu
vulnerability_id VCID-vyrd-u846-8kdu
summary 
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Core, Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions, and Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv
Microsoft made an internal discovery of a security vulnerability in version 2.x of ASP.NET Core where
a specially crafted request can cause excess resource consumption in Kestrel.
references
0
reference_url https://github.com/aspnet/Announcements/issues/300
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/300
1
reference_url https://github.com/advisories/GHSA-3m2r-q8x3-xmf7
reference_id GHSA-3m2r-q8x3-xmf7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3m2r-q8x3-xmf7
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.8
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.8
aliases GHSA-3m2r-q8x3-xmf7, GMS-2018-37, GMS-2018-39, GMS-2018-40, GMS-2018-43
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vyrd-u846-8kdu
2
url VCID-zdjb-98e7-6bgn
vulnerability_id VCID-zdjb-98e7-6bgn
summary Microsoft Security Advisory CVE-2018-8292: .NET Core Information Disclosure Vulnerability
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2902
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2902
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8292.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8292.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8292
reference_id
reference_type
scores
0
value 0.06775
scoring_system epss
scoring_elements 0.91307
published_at 2026-04-13T12:55:00Z
1
value 0.06775
scoring_system epss
scoring_elements 0.91308
published_at 2026-04-12T12:55:00Z
2
value 0.06775
scoring_system epss
scoring_elements 0.91305
published_at 2026-04-11T12:55:00Z
3
value 0.06775
scoring_system epss
scoring_elements 0.91298
published_at 2026-04-09T12:55:00Z
4
value 0.06775
scoring_system epss
scoring_elements 0.91292
published_at 2026-04-08T12:55:00Z
5
value 0.06775
scoring_system epss
scoring_elements 0.91258
published_at 2026-04-01T12:55:00Z
6
value 0.06775
scoring_system epss
scoring_elements 0.9128
published_at 2026-04-07T12:55:00Z
7
value 0.06775
scoring_system epss
scoring_elements 0.91263
published_at 2026-04-02T12:55:00Z
8
value 0.06775
scoring_system epss
scoring_elements 0.91273
published_at 2026-04-04T12:55:00Z
9
value 0.06775
scoring_system epss
scoring_elements 0.91333
published_at 2026-04-21T12:55:00Z
10
value 0.06775
scoring_system epss
scoring_elements 0.91332
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8292
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dotnet/announcements/issues/88
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/announcements/issues/88
5
reference_url http://www.securityfocus.com/bid/105548
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/105548
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1636274
reference_id 1636274
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1636274
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8292
reference_id CVE-2018-8292
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8292
8
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292
reference_id CVE-2018-8292
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292
9
reference_url https://github.com/advisories/GHSA-7jgj-8wvc-jh57
reference_id GHSA-7jgj-8wvc-jh57
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7jgj-8wvc-jh57
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.1.1
purl pkg:nuget/Microsoft.AspNetCore.All@2.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gtv-nubh-73a9
1
vulnerability VCID-aqyy-zs6z-v7ar
2
vulnerability VCID-cja1-29th-9qbf
3
vulnerability VCID-ct2x-rftj-tydp
4
vulnerability VCID-j761-wgke-97d8
5
vulnerability VCID-mrdj-nvz7-xyet
6
vulnerability VCID-n3cs-wjun-vfhe
7
vulnerability VCID-pa95-mtgb-yuf2
8
vulnerability VCID-wzeg-jdcg-tfct
9
vulnerability VCID-z54f-eupv-n7be
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.1
aliases CVE-2018-8292, GHSA-7jgj-8wvc-jh57
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdjb-98e7-6bgn
Fixing_vulnerabilities
0
url VCID-1t9f-878v-x3h1
vulnerability_id VCID-1t9f-878v-x3h1
summary 
Privilege Escalation
ASP.NET Core allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-0784
reference_id
reference_type
scores
0
value 0.15711
scoring_system epss
scoring_elements 0.9473
published_at 2026-04-21T12:55:00Z
1
value 0.15711
scoring_system epss
scoring_elements 0.94725
published_at 2026-04-18T12:55:00Z
2
value 0.15711
scoring_system epss
scoring_elements 0.94676
published_at 2026-04-01T12:55:00Z
3
value 0.15711
scoring_system epss
scoring_elements 0.94684
published_at 2026-04-02T12:55:00Z
4
value 0.15711
scoring_system epss
scoring_elements 0.94688
published_at 2026-04-04T12:55:00Z
5
value 0.15711
scoring_system epss
scoring_elements 0.9469
published_at 2026-04-07T12:55:00Z
6
value 0.15711
scoring_system epss
scoring_elements 0.947
published_at 2026-04-08T12:55:00Z
7
value 0.15711
scoring_system epss
scoring_elements 0.94705
published_at 2026-04-09T12:55:00Z
8
value 0.15711
scoring_system epss
scoring_elements 0.94709
published_at 2026-04-11T12:55:00Z
9
value 0.15711
scoring_system epss
scoring_elements 0.94713
published_at 2026-04-12T12:55:00Z
10
value 0.15711
scoring_system epss
scoring_elements 0.94714
published_at 2026-04-13T12:55:00Z
11
value 0.15711
scoring_system epss
scoring_elements 0.94723
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-0784
1
reference_url http://www.securityfocus.com/bid/102377
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102377
2
reference_url http://www.securitytracker.com/id/1040151
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040151
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-0784
reference_id CVE-2018-0784
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-0784
5
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0784
reference_id CVE-2018-0784
reference_type
scores
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0784
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.3
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-vyrd-u846-8kdu
2
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3
aliases CVE-2018-0784
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1t9f-878v-x3h1
1
url VCID-7q42-unw8-kufd
vulnerability_id VCID-7q42-unw8-kufd
summary 
URL Redirection to Untrusted Site ('Open Redirect')
ASP.NET Core allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-11879
reference_id
reference_type
scores
0
value 0.09772
scoring_system epss
scoring_elements 0.92972
published_at 2026-04-21T12:55:00Z
1
value 0.09772
scoring_system epss
scoring_elements 0.92925
published_at 2026-04-01T12:55:00Z
2
value 0.09772
scoring_system epss
scoring_elements 0.92933
published_at 2026-04-02T12:55:00Z
3
value 0.09772
scoring_system epss
scoring_elements 0.92936
published_at 2026-04-07T12:55:00Z
4
value 0.09772
scoring_system epss
scoring_elements 0.92944
published_at 2026-04-08T12:55:00Z
5
value 0.09772
scoring_system epss
scoring_elements 0.92948
published_at 2026-04-09T12:55:00Z
6
value 0.09772
scoring_system epss
scoring_elements 0.92953
published_at 2026-04-11T12:55:00Z
7
value 0.09772
scoring_system epss
scoring_elements 0.92951
published_at 2026-04-12T12:55:00Z
8
value 0.09772
scoring_system epss
scoring_elements 0.92952
published_at 2026-04-13T12:55:00Z
9
value 0.09772
scoring_system epss
scoring_elements 0.92962
published_at 2026-04-16T12:55:00Z
10
value 0.09772
scoring_system epss
scoring_elements 0.92965
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-11879
1
reference_url https://github.com/aspnet/Announcements/issues/277
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/277
2
reference_url https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/issues/302
3
reference_url http://www.securityfocus.com/bid/101713
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/101713
4
reference_url http://www.securitytracker.com/id/1039793
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039793
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-11879
reference_id CVE-2017-11879
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-11879
7
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11879
reference_id CVE-2017-11879
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11879
8
reference_url https://github.com/advisories/GHSA-3wcj-rg8q-9cqv
reference_id GHSA-3wcj-rg8q-9cqv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3wcj-rg8q-9cqv
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.3
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-vyrd-u846-8kdu
2
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3
aliases CVE-2017-11879, GHSA-3wcj-rg8q-9cqv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7q42-unw8-kufd
2
url VCID-bmf7-rsbm-3fb1
vulnerability_id VCID-bmf7-rsbm-3fb1
summary Microsoft Security Advisory CVE-2017-8700: CORS bypass can enable Information Disclosure
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8700.json
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8700.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8700
reference_id
reference_type
scores
0
value 0.07533
scoring_system epss
scoring_elements 0.91831
published_at 2026-04-21T12:55:00Z
1
value 0.07533
scoring_system epss
scoring_elements 0.91837
published_at 2026-04-16T12:55:00Z
2
value 0.10872
scoring_system epss
scoring_elements 0.93361
published_at 2026-04-07T12:55:00Z
3
value 0.10872
scoring_system epss
scoring_elements 0.93347
published_at 2026-04-01T12:55:00Z
4
value 0.10872
scoring_system epss
scoring_elements 0.93355
published_at 2026-04-02T12:55:00Z
5
value 0.10872
scoring_system epss
scoring_elements 0.93362
published_at 2026-04-04T12:55:00Z
6
value 0.11016
scoring_system epss
scoring_elements 0.9343
published_at 2026-04-13T12:55:00Z
7
value 0.11016
scoring_system epss
scoring_elements 0.93424
published_at 2026-04-09T12:55:00Z
8
value 0.11016
scoring_system epss
scoring_elements 0.9342
published_at 2026-04-08T12:55:00Z
9
value 0.11016
scoring_system epss
scoring_elements 0.93429
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8700
2
reference_url https://github.com/aspnet/Announcements/issues/279
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/279
3
reference_url https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/issues/302
4
reference_url http://www.securityfocus.com/bid/101712
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/101712
5
reference_url http://www.securitytracker.com/id/1039793
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039793
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1512998
reference_id 1512998
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1512998
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-8700
reference_id CVE-2017-8700
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-8700
11
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8700
reference_id CVE-2017-8700
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8700
12
reference_url https://github.com/advisories/GHSA-3rp6-rjw4-cq39
reference_id GHSA-3rp6-rjw4-cq39
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3rp6-rjw4-cq39
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.3
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-vyrd-u846-8kdu
2
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3
aliases CVE-2017-8700, GHSA-3rp6-rjw4-cq39
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bmf7-rsbm-3fb1
3
url VCID-kn85-7zpm-rqcp
vulnerability_id VCID-kn85-7zpm-rqcp
summary 
Privilege Escalation
ASP.NET Core allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-0808
reference_id
reference_type
scores
0
value 0.12839
scoring_system epss
scoring_elements 0.94002
published_at 2026-04-01T12:55:00Z
1
value 0.12839
scoring_system epss
scoring_elements 0.94011
published_at 2026-04-02T12:55:00Z
2
value 0.12839
scoring_system epss
scoring_elements 0.9402
published_at 2026-04-04T12:55:00Z
3
value 0.12839
scoring_system epss
scoring_elements 0.94023
published_at 2026-04-07T12:55:00Z
4
value 0.12839
scoring_system epss
scoring_elements 0.94031
published_at 2026-04-08T12:55:00Z
5
value 0.12839
scoring_system epss
scoring_elements 0.94035
published_at 2026-04-09T12:55:00Z
6
value 0.12839
scoring_system epss
scoring_elements 0.9404
published_at 2026-04-11T12:55:00Z
7
value 0.12839
scoring_system epss
scoring_elements 0.94039
published_at 2026-04-13T12:55:00Z
8
value 0.12839
scoring_system epss
scoring_elements 0.94055
published_at 2026-04-16T12:55:00Z
9
value 0.12839
scoring_system epss
scoring_elements 0.9406
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-0808
1
reference_url http://www.securityfocus.com/bid/103226
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/103226
2
reference_url http://www.securitytracker.com/id/1040504
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040504
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-0808
reference_id CVE-2018-0808
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-0808
4
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0808
reference_id CVE-2018-0808
reference_type
scores
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0808
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.3
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-vyrd-u846-8kdu
2
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3
aliases CVE-2018-0808
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kn85-7zpm-rqcp
4
url VCID-r262-q86s-pue7
vulnerability_id VCID-r262-q86s-pue7
summary 
Weak Password Recovery Mechanism for Forgotten Password
ASP.NET Core allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-0787
reference_id
reference_type
scores
0
value 0.17477
scoring_system epss
scoring_elements 0.95056
published_at 2026-04-04T12:55:00Z
1
value 0.17477
scoring_system epss
scoring_elements 0.95093
published_at 2026-04-21T12:55:00Z
2
value 0.17477
scoring_system epss
scoring_elements 0.9509
published_at 2026-04-18T12:55:00Z
3
value 0.17477
scoring_system epss
scoring_elements 0.95087
published_at 2026-04-16T12:55:00Z
4
value 0.17477
scoring_system epss
scoring_elements 0.95045
published_at 2026-04-01T12:55:00Z
5
value 0.17477
scoring_system epss
scoring_elements 0.95078
published_at 2026-04-13T12:55:00Z
6
value 0.17477
scoring_system epss
scoring_elements 0.95075
published_at 2026-04-12T12:55:00Z
7
value 0.17477
scoring_system epss
scoring_elements 0.95074
published_at 2026-04-11T12:55:00Z
8
value 0.17477
scoring_system epss
scoring_elements 0.95069
published_at 2026-04-09T12:55:00Z
9
value 0.17477
scoring_system epss
scoring_elements 0.95065
published_at 2026-04-08T12:55:00Z
10
value 0.17477
scoring_system epss
scoring_elements 0.95058
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-0787
1
reference_url https://github.com/aspnet/Announcements/issues/295
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/aspnet/Announcements/issues/295
2
reference_url http://www.securityfocus.com/bid/103282
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103282
3
reference_url http://www.securitytracker.com/id/1040525
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1040525
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-0787
reference_id CVE-2018-0787
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-0787
5
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0787
reference_id CVE-2018-0787
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0787
6
reference_url https://github.com/advisories/GHSA-365p-96qv-xr7g
reference_id GHSA-365p-96qv-xr7g
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-365p-96qv-xr7g
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.3
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-vyrd-u846-8kdu
2
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3
aliases CVE-2018-0787, GHSA-365p-96qv-xr7g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r262-q86s-pue7
5
url VCID-stea-61x4-xua6
vulnerability_id VCID-stea-61x4-xua6
summary 
Uncontrolled Resource Consumption
.NET Core, .NET Core, NET Core and PowerShell Core allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0522
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0522
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0875.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0875.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-0875
reference_id
reference_type
scores
0
value 0.16902
scoring_system epss
scoring_elements 0.94973
published_at 2026-04-16T12:55:00Z
1
value 0.16902
scoring_system epss
scoring_elements 0.94965
published_at 2026-04-13T12:55:00Z
2
value 0.16902
scoring_system epss
scoring_elements 0.94963
published_at 2026-04-12T12:55:00Z
3
value 0.16902
scoring_system epss
scoring_elements 0.94961
published_at 2026-04-11T12:55:00Z
4
value 0.16902
scoring_system epss
scoring_elements 0.94956
published_at 2026-04-09T12:55:00Z
5
value 0.16902
scoring_system epss
scoring_elements 0.94952
published_at 2026-04-08T12:55:00Z
6
value 0.16902
scoring_system epss
scoring_elements 0.94943
published_at 2026-04-07T12:55:00Z
7
value 0.16902
scoring_system epss
scoring_elements 0.94942
published_at 2026-04-04T12:55:00Z
8
value 0.16902
scoring_system epss
scoring_elements 0.9494
published_at 2026-04-02T12:55:00Z
9
value 0.16902
scoring_system epss
scoring_elements 0.94931
published_at 2026-04-01T12:55:00Z
10
value 0.16902
scoring_system epss
scoring_elements 0.9498
published_at 2026-04-21T12:55:00Z
11
value 0.16902
scoring_system epss
scoring_elements 0.94977
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-0875
3
reference_url https://github.com/dotnet/announcements/issues/62
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/announcements/issues/62
4
reference_url http://www.securityfocus.com/bid/103225
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103225
5
reference_url http://www.securitytracker.com/id/1040505
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1040505
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1552060
reference_id 1552060
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1552060
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-0875
reference_id CVE-2018-0875
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-0875
8
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0875
reference_id CVE-2018-0875
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0875
9
reference_url https://github.com/advisories/GHSA-xcvr-qv8h-m7xw
reference_id GHSA-xcvr-qv8h-m7xw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xcvr-qv8h-m7xw
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.0-preview1-final
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.0-preview1-final
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kn85-7zpm-rqcp
1
vulnerability VCID-r262-q86s-pue7
2
vulnerability VCID-ucc7-eecy-6qgq
3
vulnerability VCID-vavn-24a8-e7d4
4
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.0-preview1-final
1
url pkg:nuget/Microsoft.AspNetCore.All@2.0.3
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-vyrd-u846-8kdu
2
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3
aliases CVE-2018-0875, GHSA-xcvr-qv8h-m7xw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-stea-61x4-xua6
6
url VCID-u9fp-mh5e-6ygh
vulnerability_id VCID-u9fp-mh5e-6ygh
summary 
Cross-Site Request Forgery (CSRF)
ASP.NET Core allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Site Request Forgery Vulnerability".
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-0785
reference_id
reference_type
scores
0
value 0.02614
scoring_system epss
scoring_elements 0.85671
published_at 2026-04-21T12:55:00Z
1
value 0.02614
scoring_system epss
scoring_elements 0.85676
published_at 2026-04-18T12:55:00Z
2
value 0.02614
scoring_system epss
scoring_elements 0.85575
published_at 2026-04-01T12:55:00Z
3
value 0.02614
scoring_system epss
scoring_elements 0.85586
published_at 2026-04-02T12:55:00Z
4
value 0.02614
scoring_system epss
scoring_elements 0.85604
published_at 2026-04-04T12:55:00Z
5
value 0.02614
scoring_system epss
scoring_elements 0.8561
published_at 2026-04-07T12:55:00Z
6
value 0.02614
scoring_system epss
scoring_elements 0.8563
published_at 2026-04-08T12:55:00Z
7
value 0.02614
scoring_system epss
scoring_elements 0.85641
published_at 2026-04-09T12:55:00Z
8
value 0.02614
scoring_system epss
scoring_elements 0.85655
published_at 2026-04-11T12:55:00Z
9
value 0.02614
scoring_system epss
scoring_elements 0.85652
published_at 2026-04-12T12:55:00Z
10
value 0.02614
scoring_system epss
scoring_elements 0.85648
published_at 2026-04-13T12:55:00Z
11
value 0.02614
scoring_system epss
scoring_elements 0.8567
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-0785
1
reference_url http://www.securityfocus.com/bid/102379
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102379
2
reference_url http://www.securitytracker.com/id/1040151
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040151
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-0785
reference_id CVE-2018-0785
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-0785
5
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0785
reference_id CVE-2018-0785
reference_type
scores
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0785
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.3
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-vyrd-u846-8kdu
2
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3
aliases CVE-2018-0785
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9fp-mh5e-6ygh
7
url VCID-ucc7-eecy-6qgq
vulnerability_id VCID-ucc7-eecy-6qgq
summary Microsoft Security Advisory CVE-2018-8356: .NET Core Security Feature Bypass Vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8356.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8356.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8356
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43748
published_at 2026-04-21T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.43815
published_at 2026-04-18T12:55:00Z
2
value 0.00227
scoring_system epss
scoring_elements 0.45401
published_at 2026-04-07T12:55:00Z
3
value 0.00227
scoring_system epss
scoring_elements 0.45477
published_at 2026-04-11T12:55:00Z
4
value 0.00227
scoring_system epss
scoring_elements 0.45435
published_at 2026-04-02T12:55:00Z
5
value 0.00227
scoring_system epss
scoring_elements 0.45456
published_at 2026-04-09T12:55:00Z
6
value 0.00227
scoring_system epss
scoring_elements 0.45455
published_at 2026-04-08T12:55:00Z
7
value 0.00227
scoring_system epss
scoring_elements 0.45499
published_at 2026-04-16T12:55:00Z
8
value 0.00227
scoring_system epss
scoring_elements 0.45448
published_at 2026-04-13T12:55:00Z
9
value 0.00227
scoring_system epss
scoring_elements 0.45361
published_at 2026-04-01T12:55:00Z
10
value 0.00227
scoring_system epss
scoring_elements 0.45447
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8356
2
reference_url https://github.com/dotnet/announcements/issues/73
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/announcements/issues/73
3
reference_url https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/github/advisory-database/issues/302
4
reference_url http://www.securityfocus.com/bid/104664
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104664
5
reference_url http://www.securitytracker.com/id/1041257
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1041257
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1600323
reference_id 1600323
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1600323
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_core:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_core:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_core:1.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_core:1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_core:1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_core:1.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_core:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_core:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_core:2.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework_developer_pack:4.7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:.net_framework_developer_pack:4.7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework_developer_pack:4.7.2:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:powershell_core:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:powershell_core:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:powershell_core:6.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server:1803:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_server:1803:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server:1803:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8356
reference_id CVE-2018-8356
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:N
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8356
43
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8356
reference_id CVE-2018-8356
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8356
44
reference_url https://github.com/advisories/GHSA-p9wx-v264-q34p
reference_id GHSA-p9wx-v264-q34p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p9wx-v264-q34p
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.3
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-vyrd-u846-8kdu
2
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3
aliases CVE-2018-8356, GHSA-p9wx-v264-q34p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ucc7-eecy-6qgq
8
url VCID-vavn-24a8-e7d4
vulnerability_id VCID-vavn-24a8-e7d4
summary Microsoft Security Advisory CVE-2018-8171: ASP.NET Core Security Feature Bypass Vulnerability
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8171
reference_id
reference_type
scores
0
value 0.19441
scoring_system epss
scoring_elements 0.9535
published_at 2026-04-01T12:55:00Z
1
value 0.21801
scoring_system epss
scoring_elements 0.95765
published_at 2026-04-18T12:55:00Z
2
value 0.21801
scoring_system epss
scoring_elements 0.95767
published_at 2026-04-21T12:55:00Z
3
value 0.24334
scoring_system epss
scoring_elements 0.96076
published_at 2026-04-04T12:55:00Z
4
value 0.24334
scoring_system epss
scoring_elements 0.9609
published_at 2026-04-08T12:55:00Z
5
value 0.24334
scoring_system epss
scoring_elements 0.96081
published_at 2026-04-07T12:55:00Z
6
value 0.24334
scoring_system epss
scoring_elements 0.96069
published_at 2026-04-02T12:55:00Z
7
value 0.24334
scoring_system epss
scoring_elements 0.96108
published_at 2026-04-16T12:55:00Z
8
value 0.24334
scoring_system epss
scoring_elements 0.96099
published_at 2026-04-13T12:55:00Z
9
value 0.24334
scoring_system epss
scoring_elements 0.96096
published_at 2026-04-12T12:55:00Z
10
value 0.24334
scoring_system epss
scoring_elements 0.96094
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8171
1
reference_url https://github.com/aspnet/Announcements/issues/310
reference_id
reference_type
scores
url https://github.com/aspnet/Announcements/issues/310
2
reference_url http://www.securityfocus.com/bid/104659
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104659
3
reference_url http://www.securitytracker.com/id/1041267
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1041267
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_model_view_controller:5.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_model_view_controller:5.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_model_view_controller:5.2:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_webpages:3.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:microsoft:asp.net_webpages:3.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_webpages:3.2.3:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8171
reference_id CVE-2018-8171
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8171
10
reference_url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171
reference_id CVE-2018-8171
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171
11
reference_url https://github.com/advisories/GHSA-vhvh-528q-ff3p
reference_id GHSA-vhvh-528q-ff3p
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vhvh-528q-ff3p
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.All@2.0.3
purl pkg:nuget/Microsoft.AspNetCore.All@2.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ct2x-rftj-tydp
1
vulnerability VCID-vyrd-u846-8kdu
2
vulnerability VCID-zdjb-98e7-6bgn
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3
aliases CVE-2018-8171, GHSA-vhvh-528q-ff3p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vavn-24a8-e7d4
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.0.3