VulnerableCode Package Details - pkg:nuget/Microsoft.AspNetCore.All@1.0.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:nuget/Microsoft.AspNetCore.All@1.0.0

Essentials
History (7)

purl	pkg:nuget/Microsoft.AspNetCore.All@1.0.0
Tags	Ghost

Next non-vulnerable version	2.1.30
Latest non-vulnerable version	2.1.30
Risk	4.0

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-bmf7-rsbm-3fb1 Aliases: CVE-2017-8700 GHSA-3rp6-rjw4-cq39	Microsoft Security Advisory CVE-2017-8700: CORS bypass can enable Information Disclosure	2.0.3 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kn85-7zpm-rqcp Aliases: CVE-2018-0808	Privilege Escalation ASP.NET Core allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784.	2.0.3 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-r262-q86s-pue7 Aliases: CVE-2018-0787 GHSA-365p-96qv-xr7g	Weak Password Recovery Mechanism for Forgotten Password ASP.NET Core allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".	2.0.3 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-stea-61x4-xua6 Aliases: CVE-2018-0875 GHSA-xcvr-qv8h-m7xw	Uncontrolled Resource Consumption .NET Core, .NET Core, NET Core and PowerShell Core allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".	2.0.0-preview1-final Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.0.3 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ucc7-eecy-6qgq Aliases: CVE-2018-8356 GHSA-p9wx-v264-q34p	Microsoft Security Advisory CVE-2018-8356: .NET Core Security Feature Bypass Vulnerability	2.0.3 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vavn-24a8-e7d4 Aliases: CVE-2018-8171 GHSA-vhvh-528q-ff3p	Microsoft Security Advisory CVE-2018-8171: ASP.NET Core Security Feature Bypass Vulnerability	2.0.3 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zdjb-98e7-6bgn Aliases: CVE-2018-8292 GHSA-7jgj-8wvc-jh57	Microsoft Security Advisory CVE-2018-8292: .NET Core Information Disclosure Vulnerability	2.1.1 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:47:59.450813+00:00	GitLab Importer	Affected by	VCID-zdjb-98e7-6bgn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2018-8292.yml	38.0.0
2026-04-01T12:47:50.235156+00:00	GitLab Importer	Affected by	VCID-ucc7-eecy-6qgq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2018-8356.yml	38.0.0
2026-04-01T12:47:50.177332+00:00	GitLab Importer	Affected by	VCID-vavn-24a8-e7d4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2018-8171.yml	38.0.0
2026-04-01T12:47:37.373078+00:00	GitLab Importer	Affected by	VCID-stea-61x4-xua6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2018-0875.yml	38.0.0
2026-04-01T12:47:37.351282+00:00	GitLab Importer	Affected by	VCID-kn85-7zpm-rqcp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2018-0808.yml	38.0.0
2026-04-01T12:47:37.295109+00:00	GitLab Importer	Affected by	VCID-r262-q86s-pue7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2018-0787.yml	38.0.0
2026-04-01T12:47:29.183429+00:00	GitLab Importer	Affected by	VCID-bmf7-rsbm-3fb1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2017-8700.yml	38.0.0