Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/Microsoft.AspNetCore.All@2.2.0

Type nuget

Namespace

Name Microsoft.AspNetCore.All

Version 2.2.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.2.7

Latest_non_vulnerable_version 5.0.9

Affected_by_vulnerabilities

url VCID-c94t-hevg-xych

vulnerability_id VCID-c94t-hevg-xych

summary

Uncontrolled Resource Consumption
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core, ASP.NET Core This CVE ID is unique from CVE-2019-0564.

references

reference_url	https://access.redhat.com/errata/RHSA-2019:0040
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0040

reference_url	http://www.securityfocus.com/bid/106410
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106410

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-0548
reference_id	CVE-2019-0548
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-0548

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0548
reference_id	CVE-2019-0548
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0548

fixed_packages

aliases CVE-2019-0548

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c94t-hevg-xych

url VCID-v6vu-9ybt-tqbc

vulnerability_id VCID-v6vu-9ybt-tqbc

summary Microsoft Security Advisory CVE-2019-0564: ASP.NET Core Denial of Service Vulnerability

references

reference_url	https://access.redhat.com/errata/RHSA-2019:0040
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0040

reference_url	https://github.com/aspnet/Announcements/issues/334
reference_id
reference_type
scores
url	https://github.com/aspnet/Announcements/issues/334

reference_url	https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
url	https://github.com/github/advisory-database/issues/302

reference_url	http://www.securityfocus.com/bid/106413
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106413

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-0564
reference_id	CVE-2019-0564
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-0564

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0564
reference_id	CVE-2019-0564
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0564

reference_url	https://github.com/advisories/GHSA-6px8-22w5-w334
reference_id	GHSA-6px8-22w5-w334
reference_type
scores
url	https://github.com/advisories/GHSA-6px8-22w5-w334

fixed_packages

url pkg:nuget/Microsoft.AspNetCore.All@2.2.1

purl pkg:nuget/Microsoft.AspNetCore.All@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xgtm-9d66-rugc

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.2.1

aliases CVE-2019-0564, GHSA-6px8-22w5-w334

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v6vu-9ybt-tqbc

url VCID-vrkf-8nhe-7uc6

vulnerability_id VCID-vrkf-8nhe-7uc6

summary Microsoft Security Advisory CVE-2019-0982: ASP.NET Core Denial of Service Vulnerability

references

reference_url	https://github.com/aspnet/Announcements/issues/359
reference_id
reference_type
scores
url	https://github.com/aspnet/Announcements/issues/359

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-0982
reference_id	CVE-2019-0982
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-0982

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0982
reference_id	CVE-2019-0982
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0982

fixed_packages

aliases CVE-2019-0982

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrkf-8nhe-7uc6

url VCID-xgtm-9d66-rugc

vulnerability_id VCID-xgtm-9d66-rugc

summary Microsoft Security Advisory CVE-2018-8269: Denial of Service Vulnerability in OData

references

reference_url	https://github.com/aspnet/Announcements/issues/385
reference_id
reference_type
scores
url	https://github.com/aspnet/Announcements/issues/385

reference_url	https://github.com/dotnet/aspnetcore/issues/13860
reference_id
reference_type
scores
url	https://github.com/dotnet/aspnetcore/issues/13860

reference_url	https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
url	https://github.com/github/advisory-database/issues/302

reference_url	https://www.exploit-db.com/exploits/46101/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/46101/

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/46101.rb
reference_id	CVE-2018-8269
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/46101.rb

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2018-8269
reference_id	CVE-2018-8269
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2018-8269

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8269
reference_id	CVE-2018-8269
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8269

reference_url	https://github.com/advisories/GHSA-mv2r-q4g5-j8q5
reference_id	GHSA-mv2r-q4g5-j8q5
reference_type
scores
url	https://github.com/advisories/GHSA-mv2r-q4g5-j8q5

fixed_packages

url	pkg:nuget/Microsoft.AspNetCore.All@2.2.7
purl	pkg:nuget/Microsoft.AspNetCore.All@2.2.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.2.7

aliases CVE-2018-8269, GHSA-mv2r-q4g5-j8q5

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xgtm-9d66-rugc

url VCID-xnp7-eqhh-tkhd

vulnerability_id VCID-xnp7-eqhh-tkhd

summary

Uncontrolled Resource Consumption
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

references

reference_url	http://www.securityfocus.com/bid/107701
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107701

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-0815
reference_id	CVE-2019-0815
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-0815

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0815
reference_id	CVE-2019-0815
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0815

fixed_packages

aliases CVE-2019-0815

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xnp7-eqhh-tkhd

Fixing_vulnerabilities

url VCID-v6vu-9ybt-tqbc

vulnerability_id VCID-v6vu-9ybt-tqbc

summary Microsoft Security Advisory CVE-2019-0564: ASP.NET Core Denial of Service Vulnerability

references

reference_url	https://access.redhat.com/errata/RHSA-2019:0040
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0040

reference_url	https://github.com/aspnet/Announcements/issues/334
reference_id
reference_type
scores
url	https://github.com/aspnet/Announcements/issues/334

reference_url	https://github.com/github/advisory-database/issues/302
reference_id
reference_type
scores
url	https://github.com/github/advisory-database/issues/302

reference_url	http://www.securityfocus.com/bid/106413
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106413

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-0564
reference_id	CVE-2019-0564
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-0564

reference_url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0564
reference_id	CVE-2019-0564
reference_type
scores
url	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0564

reference_url	https://github.com/advisories/GHSA-6px8-22w5-w334
reference_id	GHSA-6px8-22w5-w334
reference_type
scores
url	https://github.com/advisories/GHSA-6px8-22w5-w334

fixed_packages

url pkg:nuget/Microsoft.AspNetCore.All@2.1.7

purl pkg:nuget/Microsoft.AspNetCore.All@2.1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xgtm-9d66-rugc

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.1.7

url pkg:nuget/Microsoft.AspNetCore.All@2.2.0

purl pkg:nuget/Microsoft.AspNetCore.All@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c94t-hevg-xych

vulnerability	VCID-v6vu-9ybt-tqbc

vulnerability	VCID-vrkf-8nhe-7uc6

vulnerability	VCID-xgtm-9d66-rugc

vulnerability	VCID-xnp7-eqhh-tkhd

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.2.0

url pkg:nuget/Microsoft.AspNetCore.All@2.2.1

purl pkg:nuget/Microsoft.AspNetCore.All@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xgtm-9d66-rugc

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.2.1

aliases CVE-2019-0564, GHSA-6px8-22w5-w334

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v6vu-9ybt-tqbc

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.All@2.2.0

Package Instance