Search for packages
| purl | pkg:nuget/Microsoft.AspNetCore.All@2.1.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1gtv-nubh-73a9
Aliases: CVE-2019-0564 GHSA-6px8-22w5-w334 |
Microsoft Security Advisory CVE-2019-0564: ASP.NET Core Denial of Service Vulnerability |
Affected by 5 other vulnerabilities. Affected by 9 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-aqyy-zs6z-v7ar
Aliases: CVE-2021-34532 GHSA-q7cg-43mg-qp69 |
Exposure of Sensitive Information to an Unauthorized Actor The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, nonces, and other sensitive information. |
Affected by 8 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-cja1-29th-9qbf
Aliases: CVE-2019-0548 |
Uncontrolled Resource Consumption A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core, ASP.NET Core This CVE ID is unique from CVE-2019-0564. | There are no reported fixed by versions. |
|
VCID-ct2x-rftj-tydp
Aliases: GHSA-cgpw-2gph-2r9g GMS-2018-36 GMS-2018-38 GMS-2018-44 |
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.App, and Microsoft.AspNetCore.Server.Kestrel.Core Microsoft is aware of a denial of service vulnerability in ASP.NET Core when a malformed request is terminated. An attacker who successfully exploited this vulnerability could cause a denial of service attack. The update addresses the vulnerability by correcting how ASP.NET Core handles such requests. |
Affected by 9 other vulnerabilities. |
|
VCID-j761-wgke-97d8
Aliases: CVE-2020-1597 GHSA-f8qx-mjcq-wfgx |
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka `ASP.NET Core Denial of Service Vulnerability`. |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-mrdj-nvz7-xyet
Aliases: CVE-2019-0982 GHSA-4jxx-4qxw-prxm |
Microsoft Security Advisory CVE-2019-0982: ASP.NET Core Denial of Service Vulnerability |
Affected by 4 other vulnerabilities. |
|
VCID-n3cs-wjun-vfhe
Aliases: CVE-2020-1045 GHSA-hxrm-9w7p-39cc |
Cookie parsing failure A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names., aka 'Microsoft ASP.NET Core Security Feature Bypass Vulnerability'. |
Affected by 0 other vulnerabilities. |
|
VCID-pa95-mtgb-yuf2
Aliases: CVE-2019-1302 GHSA-xr8f-59pp-rxxh |
Microsoft Security Advisory CVE-2019-1302: ASP.NET Core Elevation Of Privilege Vulnerability | There are no reported fixed by versions. |
|
VCID-wzeg-jdcg-tfct
Aliases: CVE-2018-8269 GHSA-mv2r-q4g5-j8q5 |
Microsoft Security Advisory CVE-2018-8269: Denial of Service Vulnerability in OData |
Affected by 3 other vulnerabilities. Affected by 5 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-z54f-eupv-n7be
Aliases: CVE-2018-8409 GHSA-j378-6mmw-hqfr |
Microsoft Security Advisory CVE-2018-8409: ASP.NET Core Denial Of Service Vulnerability |
Affected by 7 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1gtv-nubh-73a9 | Microsoft Security Advisory CVE-2019-0564: ASP.NET Core Denial of Service Vulnerability |
CVE-2019-0564
GHSA-6px8-22w5-w334 |
| VCID-5crw-96ay-a7b7 | Microsoft Security Advisory CVE-2018-8416: .NET Core Tampering Vulnerability |
CVE-2018-8416
GHSA-5633-f33j-c6f7 |
| VCID-9zu6-5d4v-f3ht | Microsoft Security Advisory CVE-2020-0603 : ASP.NET Core Remote Code Execution Vulnerability |
CVE-2020-0603
GHSA-655q-9gvg-q4cm |
| VCID-eeub-ree5-dyez | Uncontrolled Resource Consumption .NET and Visual Studio Denial of Service Vulnerability |
CVE-2023-38180
GHSA-vmch-3w2x-vhgq |
| VCID-fm28-azef-buh6 | Denial of service in ASP.NET Core A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. |
CVE-2020-0602
GHSA-23cv-jh4v-vffm |
| VCID-z54f-eupv-n7be | Microsoft Security Advisory CVE-2018-8409: ASP.NET Core Denial Of Service Vulnerability |
CVE-2018-8409
GHSA-j378-6mmw-hqfr |
| VCID-zdjb-98e7-6bgn | Microsoft Security Advisory CVE-2018-8292: .NET Core Information Disclosure Vulnerability |
CVE-2018-8292
GHSA-7jgj-8wvc-jh57 |