Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Microsoft.Owin@2.1.0-rc1

Type nuget

Namespace

Name Microsoft.Owin

Version 2.1.0-rc1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.2.2

Latest_non_vulnerable_version 4.2.2

Affected_by_vulnerabilities

url VCID-m6bh-57h2-73a3

vulnerability_id VCID-m6bh-57h2-73a3

summary This advisory has been marked as False-Positive and removed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29117.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29117

reference_id

reference_type

scores

value	0.02187
scoring_system	epss
scoring_elements	0.84397
published_at	2026-04-18T12:55:00Z

value	0.02187
scoring_system	epss
scoring_elements	0.84375
published_at	2026-04-13T12:55:00Z

value	0.02187
scoring_system	epss
scoring_elements	0.84379
published_at	2026-04-12T12:55:00Z

value	0.02187
scoring_system	epss
scoring_elements	0.84386
published_at	2026-04-11T12:55:00Z

value	0.02187
scoring_system	epss
scoring_elements	0.84368
published_at	2026-04-09T12:55:00Z

value	0.02187
scoring_system	epss
scoring_elements	0.84341
published_at	2026-04-07T12:55:00Z

value	0.02187
scoring_system	epss
scoring_elements	0.84339
published_at	2026-04-04T12:55:00Z

value	0.02187
scoring_system	epss
scoring_elements	0.84318
published_at	2026-04-02T12:55:00Z

value	0.02187
scoring_system	epss
scoring_elements	0.84363
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-3rq8-h3gj-r5c6

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2083647
reference_id	2083647
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2083647

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-29117

reference_id

CVE-2022-29117

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-29117

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117
reference_id	CVE-2022-29117
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117

reference_url

https://github.com/advisories/GHSA-3rq8-h3gj-r5c6

reference_id

GHSA-3rq8-h3gj-r5c6

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3rq8-h3gj-r5c6

reference_url	https://access.redhat.com/errata/RHSA-2022:2194
reference_id	RHSA-2022:2194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2194

reference_url	https://access.redhat.com/errata/RHSA-2022:2195
reference_id	RHSA-2022:2195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2195

reference_url	https://access.redhat.com/errata/RHSA-2022:2196
reference_id	RHSA-2022:2196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2196

reference_url	https://access.redhat.com/errata/RHSA-2022:2199
reference_id	RHSA-2022:2199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2199

reference_url	https://access.redhat.com/errata/RHSA-2022:2200
reference_id	RHSA-2022:2200
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2200

reference_url	https://access.redhat.com/errata/RHSA-2022:2202
reference_id	RHSA-2022:2202
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2202

reference_url	https://access.redhat.com/errata/RHSA-2022:4588
reference_id	RHSA-2022:4588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4588

fixed_packages

url	pkg:nuget/Microsoft.Owin@4.2.2
purl	pkg:nuget/Microsoft.Owin@4.2.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Owin@4.2.2

aliases CVE-2022-29117, GHSA-3rq8-h3gj-r5c6

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m6bh-57h2-73a3

url VCID-n3cs-wjun-vfhe

vulnerability_id VCID-n3cs-wjun-vfhe

summary

Cookie parsing failure
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names., aka 'Microsoft ASP.NET Core Security Feature Bypass Vulnerability'.

references

reference_url

https://access.redhat.com/errata/RHSA-2020:3699

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://access.redhat.com/errata/RHSA-2020:3699

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1045.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1045.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1045

reference_id

reference_type

scores

value	0.20401
scoring_system	epss
scoring_elements	0.95537
published_at	2026-04-11T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95533
published_at	2026-04-09T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.9553
published_at	2026-04-08T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95524
published_at	2026-04-07T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.9552
published_at	2026-04-04T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95505
published_at	2026-04-01T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95555
published_at	2026-04-18T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95549
published_at	2026-04-16T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.9554
published_at	2026-04-13T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95539
published_at	2026-04-12T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95514
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1045

reference_url

https://github.com/dotnet/announcements/issues/165

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/165

reference_url

https://github.com/dotnet/aspnetcore/issues/25701

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/issues/25701

reference_url

https://github.com/dotnet/aspnetcore/issues/25701#issuecomment-689434477

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/issues/25701#issuecomment-689434477

reference_url

https://github.com/dotnet/aspnetcore/pull/24264

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/pull/24264

reference_url

https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318

reference_url

https://github.com/github/advisory-database/issues/302

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/github/advisory-database/issues/302

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1045

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1045

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045

reference_url

https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1873451
reference_id	1873451
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1873451

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/

reference_id

5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/

reference_id

ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.1:::::::
reference_id	cpe:2.3:a:microsoft:asp.net_core:2.1:::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.1:::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:3.1:::::::*
reference_id	cpe:2.3:a:microsoft:asp.net_core:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:3.1:::::::*

reference_url

https://github.com/advisories/GHSA-hxrm-9w7p-39cc

reference_id

GHSA-hxrm-9w7p-39cc

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hxrm-9w7p-39cc

reference_url	https://access.redhat.com/errata/RHSA-2020:3697
reference_id	RHSA-2020:3697
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3697

fixed_packages

url pkg:nuget/Microsoft.Owin@4.1.1

purl pkg:nuget/Microsoft.Owin@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-m6bh-57h2-73a3

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Owin@4.1.1

aliases CVE-2020-1045, GHSA-hxrm-9w7p-39cc

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n3cs-wjun-vfhe

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.Owin@2.1.0-rc1

Package Instance