Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:nuget/Microsoft.AspNetCore.App@2.1.4
purl pkg:nuget/Microsoft.AspNetCore.App@2.1.4
Next non-vulnerable version 2.1.22
Latest non-vulnerable version 2.2.6
Risk 4.0
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-1gtv-nubh-73a9
Aliases:
CVE-2019-0564
GHSA-6px8-22w5-w334
Microsoft Security Advisory CVE-2019-0564: ASP.NET Core Denial of Service Vulnerability
2.1.7
Affected by 5 other vulnerabilities.
2.2.1
Affected by 1 other vulnerability.
VCID-41c2-23ch-x7ft
Aliases:
CVE-2019-1075
GHSA-prrf-397v-83xh
URL Redirection to Untrusted Site ('Open Redirect') A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'.
2.1.12
Affected by 4 other vulnerabilities.
2.2.6
Affected by 0 other vulnerabilities.
VCID-9zu6-5d4v-f3ht
Aliases:
CVE-2020-0603
GHSA-655q-9gvg-q4cm
Microsoft Security Advisory CVE-2020-0603 : ASP.NET Core Remote Code Execution Vulnerability
2.1.15
Affected by 2 other vulnerabilities.
3.0.1
Affected by 0 other vulnerabilities.
3.1.1
Affected by 0 other vulnerabilities.
VCID-fm28-azef-buh6
Aliases:
CVE-2020-0602
GHSA-23cv-jh4v-vffm
Denial of service in ASP.NET Core A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
2.1.15
Affected by 2 other vulnerabilities.
3.0.1
Affected by 0 other vulnerabilities.
3.1.1
Affected by 0 other vulnerabilities.
VCID-j761-wgke-97d8
Aliases:
CVE-2020-1597
GHSA-f8qx-mjcq-wfgx
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka `ASP.NET Core Denial of Service Vulnerability`.
2.1.21
Affected by 1 other vulnerability.
VCID-n3cs-wjun-vfhe
Aliases:
CVE-2020-1045
GHSA-hxrm-9w7p-39cc
Cookie parsing failure A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names., aka 'Microsoft ASP.NET Core Security Feature Bypass Vulnerability'.
2.1.22
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-z54f-eupv-n7be Microsoft Security Advisory CVE-2018-8409: ASP.NET Core Denial Of Service Vulnerability CVE-2018-8409
GHSA-j378-6mmw-hqfr

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:00:49.480107+00:00 GitLab Importer Affected by VCID-41c2-23ch-x7ft https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2019-1075.yml 38.4.0
2026-04-16T22:00:06.354171+00:00 GitLab Importer Affected by VCID-fm28-azef-buh6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-0602.yml 38.4.0
2026-04-16T21:59:53.339590+00:00 GitLab Importer Affected by VCID-9zu6-5d4v-f3ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-0603.yml 38.4.0
2026-04-16T21:58:02.885891+00:00 GitLab Importer Affected by VCID-j761-wgke-97d8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-1597.yml 38.4.0
2026-04-16T21:55:32.776143+00:00 GitLab Importer Affected by VCID-n3cs-wjun-vfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-1045.yml 38.4.0
2026-04-16T21:51:03.467756+00:00 GitLab Importer Affected by VCID-1gtv-nubh-73a9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2019-0564.yml 38.4.0
2026-04-16T20:48:26.319847+00:00 GitLab Importer Fixing VCID-z54f-eupv-n7be https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2018-8409.yml 38.4.0
2026-04-11T23:16:25.940893+00:00 GitLab Importer Affected by VCID-41c2-23ch-x7ft https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2019-1075.yml 38.3.0
2026-04-11T23:15:42.188686+00:00 GitLab Importer Affected by VCID-fm28-azef-buh6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-0602.yml 38.3.0
2026-04-11T23:15:28.587999+00:00 GitLab Importer Affected by VCID-9zu6-5d4v-f3ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-0603.yml 38.3.0
2026-04-11T23:13:30.709315+00:00 GitLab Importer Affected by VCID-j761-wgke-97d8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-1597.yml 38.3.0
2026-04-11T23:10:54.905186+00:00 GitLab Importer Affected by VCID-n3cs-wjun-vfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-1045.yml 38.3.0
2026-04-11T23:07:09.825426+00:00 GitLab Importer Affected by VCID-1gtv-nubh-73a9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2019-0564.yml 38.3.0
2026-04-11T21:59:20.045582+00:00 GitLab Importer Fixing VCID-z54f-eupv-n7be https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2018-8409.yml 38.3.0
2026-04-02T23:24:13.964689+00:00 GitLab Importer Affected by VCID-41c2-23ch-x7ft https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2019-1075.yml 38.1.0
2026-04-02T23:23:33.851785+00:00 GitLab Importer Affected by VCID-fm28-azef-buh6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-0602.yml 38.1.0
2026-04-02T23:23:21.213978+00:00 GitLab Importer Affected by VCID-9zu6-5d4v-f3ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-0603.yml 38.1.0
2026-04-02T23:21:41.478090+00:00 GitLab Importer Affected by VCID-j761-wgke-97d8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-1597.yml 38.1.0
2026-04-02T23:19:26.823029+00:00 GitLab Importer Affected by VCID-n3cs-wjun-vfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-1045.yml 38.1.0
2026-04-02T23:15:20.422757+00:00 GitLab Importer Affected by VCID-1gtv-nubh-73a9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2019-0564.yml 38.1.0
2026-04-02T22:12:33.301486+00:00 GitLab Importer Fixing VCID-z54f-eupv-n7be https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2018-8409.yml 38.1.0
2026-04-01T17:45:07.492518+00:00 GitLab Importer Affected by VCID-41c2-23ch-x7ft https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2019-1075.yml 38.0.0
2026-04-01T17:44:34.744100+00:00 GitLab Importer Affected by VCID-fm28-azef-buh6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-0602.yml 38.0.0
2026-04-01T17:44:24.055166+00:00 GitLab Importer Affected by VCID-9zu6-5d4v-f3ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-0603.yml 38.0.0
2026-04-01T17:42:32.979021+00:00 GitLab Importer Affected by VCID-j761-wgke-97d8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-1597.yml 38.0.0
2026-04-01T17:39:55.521853+00:00 GitLab Importer Affected by VCID-n3cs-wjun-vfhe https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2020-1045.yml 38.0.0
2026-04-01T17:35:21.693741+00:00 GitLab Importer Affected by VCID-1gtv-nubh-73a9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2019-0564.yml 38.0.0
2026-04-01T15:56:46.042048+00:00 GHSA Importer Fixing VCID-z54f-eupv-n7be https://github.com/advisories/GHSA-j378-6mmw-hqfr 38.0.0
2026-04-01T13:03:27.009523+00:00 GithubOSV Importer Fixing VCID-z54f-eupv-n7be https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-j378-6mmw-hqfr/GHSA-j378-6mmw-hqfr.json 38.0.0
2026-04-01T12:48:01.415321+00:00 GitLab Importer Fixing VCID-z54f-eupv-n7be https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.App/CVE-2018-8409.yml 38.0.0
2026-04-01T12:38:29.999643+00:00 RetireDotNet Importer Fixing VCID-z54f-eupv-n7be https://github.com/RetireNet/Packages/blob/master/Content/9.json 38.0.0
2026-04-01T12:38:29.612368+00:00 RetireDotNet Importer Affected by VCID-1gtv-nubh-73a9 https://github.com/RetireNet/Packages/blob/master/Content/12.json 38.0.0