VulnerableCode Package Details - pkg:nuget/System.Net.Http.WinHttpHandler@4.0.1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-axvm-3dh9-3kf6	Improper Input Validation A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc allows remote attackers to cause a denial of service by leveraging failure to properly calculate the length of 4-byte characters in the Unicode Non-Character range.	CVE-2017-0247 GHSA-6xh7-4v2w-36q6
VCID-b2mg-kc6t-z7ht	Improper Input Validation A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.	CVE-2017-0256 GHSA-j8f4-2w4p-mhjc
VCID-j4d8-wr24-63d3	Improper Certificate Validation Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."	CVE-2017-0248 GHSA-ch6p-4jcm-h8vh
VCID-mrpr-pw4n-bfae	Improper Input Validation An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.	CVE-2017-0249 GHSA-qhqf-ghgh-x2m4

Vulnerability

Summary

Aliases

VCID-axvm-3dh9-3kf6

Improper Input Validation A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc allows remote attackers to cause a denial of service by leveraging failure to properly calculate the length of 4-byte characters in the Unicode Non-Character range.

CVE-2017-0247
GHSA-6xh7-4v2w-36q6

VCID-b2mg-kc6t-z7ht

Improper Input Validation A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

CVE-2017-0256
GHSA-j8f4-2w4p-mhjc

VCID-j4d8-wr24-63d3

Improper Certificate Validation Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."

CVE-2017-0248
GHSA-ch6p-4jcm-h8vh

VCID-mrpr-pw4n-bfae

Improper Input Validation An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

CVE-2017-0249
GHSA-qhqf-ghgh-x2m4

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:48:40.959287+00:00	GitLab Importer	Fixing	VCID-j4d8-wr24-63d3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0248.yml	38.4.0
2026-04-16T20:48:19.972491+00:00	GitLab Importer	Fixing	VCID-axvm-3dh9-3kf6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0247.yml	38.4.0
2026-04-16T20:48:19.510597+00:00	GitLab Importer	Fixing	VCID-mrpr-pw4n-bfae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0249.yml	38.4.0
2026-04-16T20:48:17.002548+00:00	GitLab Importer	Fixing	VCID-b2mg-kc6t-z7ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0256.yml	38.4.0
2026-04-11T21:59:36.169536+00:00	GitLab Importer	Fixing	VCID-j4d8-wr24-63d3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0248.yml	38.3.0
2026-04-11T21:59:12.210400+00:00	GitLab Importer	Fixing	VCID-axvm-3dh9-3kf6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0247.yml	38.3.0
2026-04-11T21:59:11.778637+00:00	GitLab Importer	Fixing	VCID-mrpr-pw4n-bfae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0249.yml	38.3.0
2026-04-11T21:59:08.714121+00:00	GitLab Importer	Fixing	VCID-b2mg-kc6t-z7ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0256.yml	38.3.0
2026-04-02T22:12:48.096557+00:00	GitLab Importer	Fixing	VCID-j4d8-wr24-63d3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0248.yml	38.1.0
2026-04-02T22:12:28.108476+00:00	GitLab Importer	Fixing	VCID-axvm-3dh9-3kf6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0247.yml	38.1.0
2026-04-02T22:12:27.572187+00:00	GitLab Importer	Fixing	VCID-mrpr-pw4n-bfae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0249.yml	38.1.0
2026-04-02T22:12:25.716374+00:00	GitLab Importer	Fixing	VCID-b2mg-kc6t-z7ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0256.yml	38.1.0
2026-04-01T15:56:49.902105+00:00	GHSA Importer	Fixing	VCID-j4d8-wr24-63d3	https://github.com/advisories/GHSA-ch6p-4jcm-h8vh	38.0.0
2026-04-01T15:56:49.044723+00:00	GHSA Importer	Fixing	VCID-axvm-3dh9-3kf6	https://github.com/advisories/GHSA-6xh7-4v2w-36q6	38.0.0
2026-04-01T15:56:48.034525+00:00	GHSA Importer	Fixing	VCID-b2mg-kc6t-z7ht	https://github.com/advisories/GHSA-j8f4-2w4p-mhjc	38.0.0
2026-04-01T15:56:46.727158+00:00	GHSA Importer	Fixing	VCID-mrpr-pw4n-bfae	https://github.com/advisories/GHSA-qhqf-ghgh-x2m4	38.0.0
2026-04-01T13:03:35.423860+00:00	GithubOSV Importer	Fixing	VCID-b2mg-kc6t-z7ht	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-j8f4-2w4p-mhjc/GHSA-j8f4-2w4p-mhjc.json	38.0.0
2026-04-01T13:03:34.180828+00:00	GithubOSV Importer	Fixing	VCID-axvm-3dh9-3kf6	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-6xh7-4v2w-36q6/GHSA-6xh7-4v2w-36q6.json	38.0.0
2026-04-01T13:03:33.578824+00:00	GithubOSV Importer	Fixing	VCID-mrpr-pw4n-bfae	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-qhqf-ghgh-x2m4/GHSA-qhqf-ghgh-x2m4.json	38.0.0
2026-04-01T13:03:20.121051+00:00	GithubOSV Importer	Fixing	VCID-j4d8-wr24-63d3	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-ch6p-4jcm-h8vh/GHSA-ch6p-4jcm-h8vh.json	38.0.0
2026-04-01T12:48:02.354582+00:00	GitLab Importer	Fixing	VCID-j4d8-wr24-63d3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0248.yml	38.0.0
2026-04-01T12:48:01.049902+00:00	GitLab Importer	Fixing	VCID-axvm-3dh9-3kf6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0247.yml	38.0.0
2026-04-01T12:48:01.029668+00:00	GitLab Importer	Fixing	VCID-mrpr-pw4n-bfae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0249.yml	38.0.0
2026-04-01T12:48:00.892443+00:00	GitLab Importer	Fixing	VCID-b2mg-kc6t-z7ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Http.WinHttpHandler/CVE-2017-0256.yml	38.0.0