Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Microsoft.AspNetCore.All@3.1.0

Type nuget

Namespace

Name Microsoft.AspNetCore.All

Version 3.1.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-9zu6-5d4v-f3ht

vulnerability_id VCID-9zu6-5d4v-f3ht

summary Microsoft Security Advisory CVE-2020-0603 : ASP.NET Core Remote Code Execution Vulnerability

references

reference_url

https://access.redhat.com/errata/RHSA-2020:0130

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0130

reference_url

https://access.redhat.com/errata/RHSA-2020:0134

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0134

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0603.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0603.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-0603

reference_id

reference_type

scores

value	0.10785
scoring_system	epss
scoring_elements	0.93348
published_at	2026-04-13T12:55:00Z

value	0.10785
scoring_system	epss
scoring_elements	0.93318
published_at	2026-04-01T12:55:00Z

value	0.10785
scoring_system	epss
scoring_elements	0.93326
published_at	2026-04-02T12:55:00Z

value	0.10785
scoring_system	epss
scoring_elements	0.93349
published_at	2026-04-11T12:55:00Z

value	0.10785
scoring_system	epss
scoring_elements	0.93333
published_at	2026-04-04T12:55:00Z

value	0.10785
scoring_system	epss
scoring_elements	0.93332
published_at	2026-04-07T12:55:00Z

value	0.10785
scoring_system	epss
scoring_elements	0.93345
published_at	2026-04-09T12:55:00Z

value	0.10785
scoring_system	epss
scoring_elements	0.9334
published_at	2026-04-08T12:55:00Z

value	0.10785
scoring_system	epss
scoring_elements	0.93371
published_at	2026-04-18T12:55:00Z

value	0.10785
scoring_system	epss
scoring_elements	0.93366
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-0603

reference_url

https://github.com/aspnet/Announcements/issues/403

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/aspnet/Announcements/issues/403

reference_url

https://github.com/github/advisory-database/issues/302

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/github/advisory-database/issues/302

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-0603

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-0603

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1789624
reference_id	1789624
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1789624

reference_url

https://github.com/advisories/GHSA-655q-9gvg-q4cm

reference_id

GHSA-655q-9gvg-q4cm

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-655q-9gvg-q4cm

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.All@3.1.1
purl	pkg:nuget/Microsoft.AspNetCore.All@3.1.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.1

aliases CVE-2020-0603, GHSA-655q-9gvg-q4cm

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9zu6-5d4v-f3ht

url VCID-aqyy-zs6z-v7ar

vulnerability_id VCID-aqyy-zs6z-v7ar

summary

Exposure of Sensitive Information to an Unauthorized Actor
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, nonces, and other sensitive information.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34532.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34532.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-34532

reference_id

reference_type

scores

value	0.00266
scoring_system	epss
scoring_elements	0.50115
published_at	2026-04-18T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50114
published_at	2026-04-16T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50083
published_at	2026-04-09T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50074
published_at	2026-04-12T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.501
published_at	2026-04-11T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.5007
published_at	2026-04-13T12:55:00Z

value	0.0029
scoring_system	epss
scoring_elements	0.52373
published_at	2026-04-02T12:55:00Z

value	0.0029
scoring_system	epss
scoring_elements	0.52366
published_at	2026-04-07T12:55:00Z

value	0.0029
scoring_system	epss
scoring_elements	0.52401
published_at	2026-04-04T12:55:00Z

value	0.0029
scoring_system	epss
scoring_elements	0.52328
published_at	2026-04-01T12:55:00Z

value	0.0029
scoring_system	epss
scoring_elements	0.52419
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-34532

reference_url	https://github.com/dotnet/announcements/issues/195
reference_id
reference_type
scores
url	https://github.com/dotnet/announcements/issues/195

reference_url

https://github.com/dotnet/aspnetcore

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1990300
reference_id	1990300
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1990300

reference_url

https://security.archlinux.org/AVG-2277

reference_id

AVG-2277

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2277

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-34532

reference_id

CVE-2021-34532

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-34532

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532

reference_id

CVE-2021-34532

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532

reference_url

https://github.com/advisories/GHSA-q7cg-43mg-qp69

reference_id

GHSA-q7cg-43mg-qp69

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-q7cg-43mg-qp69

reference_url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-q7cg-43mg-qp69

reference_id

GHSA-q7cg-43mg-qp69

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/security/advisories/GHSA-q7cg-43mg-qp69

reference_url	https://access.redhat.com/errata/RHSA-2021:3142
reference_id	RHSA-2021:3142
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3142

reference_url	https://access.redhat.com/errata/RHSA-2021:3143
reference_id	RHSA-2021:3143
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3143

reference_url	https://access.redhat.com/errata/RHSA-2021:3147
reference_id	RHSA-2021:3147
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3147

reference_url	https://access.redhat.com/errata/RHSA-2021:3148
reference_id	RHSA-2021:3148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3148

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.All@3.1.18
purl	pkg:nuget/Microsoft.AspNetCore.All@3.1.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.18

url	pkg:nuget/Microsoft.AspNetCore.All@5.0.9
purl	pkg:nuget/Microsoft.AspNetCore.All@5.0.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@5.0.9

aliases CVE-2021-34532, GHSA-q7cg-43mg-qp69

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aqyy-zs6z-v7ar

url

VCID-caba-95ag-9yf8

vulnerability_id

VCID-caba-95ag-9yf8

summary

Improper Privilege Management
ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43877.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43877.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43877

reference_id

reference_type

scores

value	0.00681
scoring_system	epss
scoring_elements	0.71556
published_at	2026-04-01T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71563
published_at	2026-04-02T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.7158
published_at	2026-04-04T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71553
published_at	2026-04-07T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71593
published_at	2026-04-13T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71604
published_at	2026-04-09T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71627
published_at	2026-04-11T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71611
published_at	2026-04-12T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71637
published_at	2026-04-16T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71642
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43877

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2031201
reference_id	2031201
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2031201

reference_url

https://security.archlinux.org/AVG-2642

reference_id

AVG-2642

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2642

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-43877
reference_id	CVE-2021-43877
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-43877

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877
reference_id	CVE-2021-43877
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877

fixed_packages

aliases

CVE-2021-43877

risk_score

3.5

exploitability

0.5

weighted_severity

7.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-caba-95ag-9yf8

url VCID-fm28-azef-buh6

vulnerability_id VCID-fm28-azef-buh6

summary

Denial of service in ASP.NET Core
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

references

reference_url

https://access.redhat.com/errata/RHSA-2020:0130

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0130

reference_url

https://access.redhat.com/errata/RHSA-2020:0134

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0134

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0602.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0602.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-0602

reference_id

reference_type

scores

value	0.04034
scoring_system	epss
scoring_elements	0.88495
published_at	2026-04-13T12:55:00Z

value	0.04034
scoring_system	epss
scoring_elements	0.88441
published_at	2026-04-01T12:55:00Z

value	0.04034
scoring_system	epss
scoring_elements	0.88449
published_at	2026-04-02T12:55:00Z

value	0.04034
scoring_system	epss
scoring_elements	0.88503
published_at	2026-04-11T12:55:00Z

value	0.04034
scoring_system	epss
scoring_elements	0.88464
published_at	2026-04-04T12:55:00Z

value	0.04034
scoring_system	epss
scoring_elements	0.88467
published_at	2026-04-07T12:55:00Z

value	0.04034
scoring_system	epss
scoring_elements	0.88492
published_at	2026-04-09T12:55:00Z

value	0.04034
scoring_system	epss
scoring_elements	0.88486
published_at	2026-04-08T12:55:00Z

value	0.04034
scoring_system	epss
scoring_elements	0.88506
published_at	2026-04-18T12:55:00Z

value	0.04034
scoring_system	epss
scoring_elements	0.88509
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-0602

reference_url

https://github.com/aspnet/Announcements/issues/402

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/aspnet/Announcements/issues/402

reference_url

https://github.com/github/advisory-database/issues/302

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/github/advisory-database/issues/302

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-0602

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-0602

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0602

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0602

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1789623
reference_id	1789623
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1789623

reference_url

https://github.com/advisories/GHSA-23cv-jh4v-vffm

reference_id

GHSA-23cv-jh4v-vffm

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-23cv-jh4v-vffm

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.All@3.1.1
purl	pkg:nuget/Microsoft.AspNetCore.All@3.1.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.1

aliases CVE-2020-0602, GHSA-23cv-jh4v-vffm

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fm28-azef-buh6

url VCID-j761-wgke-97d8

vulnerability_id VCID-j761-wgke-97d8

summary A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka `ASP.NET Core Denial of Service Vulnerability`.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1597.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1597.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1597

reference_id

reference_type

scores

value	0.07555
scoring_system	epss
scoring_elements	0.91845
published_at	2026-04-18T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.91835
published_at	2026-04-12T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.91851
published_at	2026-04-16T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.91831
published_at	2026-04-13T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.91788
published_at	2026-04-01T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.91796
published_at	2026-04-02T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.91802
published_at	2026-04-04T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.9181
published_at	2026-04-07T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.91823
published_at	2026-04-08T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.91829
published_at	2026-04-09T12:55:00Z

value	0.07555
scoring_system	epss
scoring_elements	0.91833
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1597

reference_url

https://github.com/dotnet/announcements/issues/162

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/162

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1597

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1597

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1861110
reference_id	1861110
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1861110

reference_url

https://github.com/advisories/GHSA-f8qx-mjcq-wfgx

reference_id

GHSA-f8qx-mjcq-wfgx

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f8qx-mjcq-wfgx

reference_url	https://access.redhat.com/errata/RHSA-2020:3421
reference_id	RHSA-2020:3421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3421

reference_url	https://access.redhat.com/errata/RHSA-2020:3422
reference_id	RHSA-2020:3422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3422

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.All@3.1.7
purl	pkg:nuget/Microsoft.AspNetCore.All@3.1.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.7

aliases CVE-2020-1597, GHSA-f8qx-mjcq-wfgx

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j761-wgke-97d8

url VCID-n3cs-wjun-vfhe

vulnerability_id VCID-n3cs-wjun-vfhe

summary

Cookie parsing failure
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names., aka 'Microsoft ASP.NET Core Security Feature Bypass Vulnerability'.

references

reference_url

https://access.redhat.com/errata/RHSA-2020:3699

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://access.redhat.com/errata/RHSA-2020:3699

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1045.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1045.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1045

reference_id

reference_type

scores

value	0.20401
scoring_system	epss
scoring_elements	0.95537
published_at	2026-04-11T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95533
published_at	2026-04-09T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.9553
published_at	2026-04-08T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95524
published_at	2026-04-07T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.9552
published_at	2026-04-04T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95505
published_at	2026-04-01T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95555
published_at	2026-04-18T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95549
published_at	2026-04-16T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.9554
published_at	2026-04-13T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95539
published_at	2026-04-12T12:55:00Z

value	0.20401
scoring_system	epss
scoring_elements	0.95514
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1045

reference_url

https://github.com/dotnet/announcements/issues/165

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/165

reference_url

https://github.com/dotnet/aspnetcore/issues/25701

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/issues/25701

reference_url

https://github.com/dotnet/aspnetcore/issues/25701#issuecomment-689434477

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/issues/25701#issuecomment-689434477

reference_url

https://github.com/dotnet/aspnetcore/pull/24264

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/aspnetcore/pull/24264

reference_url

https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318

reference_url

https://github.com/github/advisory-database/issues/302

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/github/advisory-database/issues/302

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1045

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1045

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045

reference_url

https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1873451
reference_id	1873451
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1873451

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/

reference_id

5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/

reference_id

ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T18:21:43Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.1:::::::
reference_id	cpe:2.3:a:microsoft:asp.net_core:2.1:::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:2.1:::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:3.1:::::::*
reference_id	cpe:2.3:a:microsoft:asp.net_core:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:asp.net_core:3.1:::::::*

reference_url

https://github.com/advisories/GHSA-hxrm-9w7p-39cc

reference_id

GHSA-hxrm-9w7p-39cc

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hxrm-9w7p-39cc

reference_url	https://access.redhat.com/errata/RHSA-2020:3697
reference_id	RHSA-2020:3697
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3697

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.All@3.1.8
purl	pkg:nuget/Microsoft.AspNetCore.All@3.1.8
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.8

aliases CVE-2020-1045, GHSA-hxrm-9w7p-39cc

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n3cs-wjun-vfhe

url VCID-nx74-pj4e-4fde

vulnerability_id VCID-nx74-pj4e-4fde

summary

ASP.NET Core and Visual Studio Denial of Service Vulnerability
A denial-of-service vulnerability exists in the way Kestrel parses HTTP/2 requests. The security update addresses the vulnerability by fixing the way the Kestrel parses HTTP/2 requests. Users are advised to upgrade.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-1723.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-1723.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-1723

reference_id

reference_type

scores

value	0.04579
scoring_system	epss
scoring_elements	0.89229
published_at	2026-04-18T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.89169
published_at	2026-04-01T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.89175
published_at	2026-04-02T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.89189
published_at	2026-04-04T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.89192
published_at	2026-04-07T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.8921
published_at	2026-04-08T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.89214
published_at	2026-04-09T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.89224
published_at	2026-04-11T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.8922
published_at	2026-04-12T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.89217
published_at	2026-04-13T12:55:00Z

value	0.04579
scoring_system	epss
scoring_elements	0.8923
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-1723

reference_url

https://github.com/dotnet/announcements/issues/170

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/dotnet/announcements/issues/170

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L27CGRVEWUPELNJOGTCW6GLEDBECB4B

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L27CGRVEWUPELNJOGTCW6GLEDBECB4B

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRXHERXW4KR5WCP76UDW5PC7GX3YQLUW

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRXHERXW4KR5WCP76UDW5PC7GX3YQLUW

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-1723

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-1723

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1914258
reference_id	1914258
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1914258

reference_url	https://security.archlinux.org/ASA-202103-16
reference_id	ASA-202103-16
reference_type
scores
url	https://security.archlinux.org/ASA-202103-16

reference_url	https://security.archlinux.org/ASA-202103-17
reference_id	ASA-202103-17
reference_type
scores
url	https://security.archlinux.org/ASA-202103-17

reference_url

https://security.archlinux.org/AVG-1449

reference_id

AVG-1449

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1449

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1723
reference_id	CVE-2021-1723
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1723

reference_url

https://github.com/advisories/GHSA-242j-2gm6-5rwx

reference_id

GHSA-242j-2gm6-5rwx

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-242j-2gm6-5rwx

reference_url	https://access.redhat.com/errata/RHSA-2021:0094
reference_id	RHSA-2021:0094
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0094

reference_url	https://access.redhat.com/errata/RHSA-2021:0095
reference_id	RHSA-2021:0095
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0095

reference_url	https://access.redhat.com/errata/RHSA-2021:0096
reference_id	RHSA-2021:0096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0096

reference_url	https://access.redhat.com/errata/RHSA-2021:0114
reference_id	RHSA-2021:0114
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0114

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.All@3.1.11
purl	pkg:nuget/Microsoft.AspNetCore.All@3.1.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.11

url	pkg:nuget/Microsoft.AspNetCore.All@5.0.2
purl	pkg:nuget/Microsoft.AspNetCore.All@5.0.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@5.0.2

aliases CVE-2021-1723, GHSA-242j-2gm6-5rwx

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nx74-pj4e-4fde

url VCID-puaf-7ge8-nbhg

vulnerability_id VCID-puaf-7ge8-nbhg

summary A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1161.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1161.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1161

reference_id

reference_type

scores

value	0.04127
scoring_system	epss
scoring_elements	0.88649
published_at	2026-04-18T12:55:00Z

value	0.04127
scoring_system	epss
scoring_elements	0.88653
published_at	2026-04-16T12:55:00Z

value	0.04127
scoring_system	epss
scoring_elements	0.88639
published_at	2026-04-13T12:55:00Z

value	0.04127
scoring_system	epss
scoring_elements	0.88647
published_at	2026-04-11T12:55:00Z

value	0.04127
scoring_system	epss
scoring_elements	0.88635
published_at	2026-04-09T12:55:00Z

value	0.04127
scoring_system	epss
scoring_elements	0.88584
published_at	2026-04-01T12:55:00Z

value	0.04127
scoring_system	epss
scoring_elements	0.88593
published_at	2026-04-02T12:55:00Z

value	0.04127
scoring_system	epss
scoring_elements	0.8863
published_at	2026-04-08T12:55:00Z

value	0.04127
scoring_system	epss
scoring_elements	0.88612
published_at	2026-04-07T12:55:00Z

value	0.04127
scoring_system	epss
scoring_elements	0.8861
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1161

reference_url

https://github.com/aspnet/Announcements/issues/416

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/aspnet/Announcements/issues/416

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-1161

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-1161

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1161

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1161

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1827645
reference_id	1827645
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1827645

reference_url

https://github.com/advisories/GHSA-3cf7-7wq6-8842

reference_id

GHSA-3cf7-7wq6-8842

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3cf7-7wq6-8842

reference_url	https://access.redhat.com/errata/RHSA-2020:2249
reference_id	RHSA-2020:2249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2249

reference_url	https://access.redhat.com/errata/RHSA-2020:2250
reference_id	RHSA-2020:2250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2250

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.All@3.1.4
purl	pkg:nuget/Microsoft.AspNetCore.All@3.1.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.4

aliases CVE-2020-1161, GHSA-3cf7-7wq6-8842

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-puaf-7ge8-nbhg

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@3.1.0

Package Instance