VulnerableCode Package Details - pkg:nuget/System.Net.Security@4.3.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-axvm-3dh9-3kf6 Aliases: CVE-2017-0247 GHSA-6xh7-4v2w-36q6	Improper Input Validation A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc allows remote attackers to cause a denial of service by leveraging failure to properly calculate the length of 4-byte characters in the Unicode Non-Character range.	4.3.1 Affected by 0 other vulnerabilities.
VCID-b2mg-kc6t-z7ht Aliases: CVE-2017-0256 GHSA-j8f4-2w4p-mhjc	Improper Input Validation A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.	4.3.1 Affected by 0 other vulnerabilities.
VCID-j4d8-wr24-63d3 Aliases: CVE-2017-0248 GHSA-ch6p-4jcm-h8vh	Improper Certificate Validation Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."	4.3.1 Affected by 0 other vulnerabilities.
VCID-mrpr-pw4n-bfae Aliases: CVE-2017-0249 GHSA-qhqf-ghgh-x2m4	Improper Input Validation An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.	4.3.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-axvm-3dh9-3kf6
Aliases:
CVE-2017-0247
GHSA-6xh7-4v2w-36q6

Improper Input Validation A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc allows remote attackers to cause a denial of service by leveraging failure to properly calculate the length of 4-byte characters in the Unicode Non-Character range.

4.3.1
Affected by 0 other vulnerabilities.

VCID-b2mg-kc6t-z7ht
Aliases:
CVE-2017-0256
GHSA-j8f4-2w4p-mhjc

Improper Input Validation A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

4.3.1
Affected by 0 other vulnerabilities.

VCID-j4d8-wr24-63d3
Aliases:
CVE-2017-0248
GHSA-ch6p-4jcm-h8vh

Improper Certificate Validation Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."

4.3.1
Affected by 0 other vulnerabilities.

VCID-mrpr-pw4n-bfae
Aliases:
CVE-2017-0249
GHSA-qhqf-ghgh-x2m4

Improper Input Validation An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

4.3.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:48:34.250876+00:00	GitLab Importer	Affected by	VCID-mrpr-pw4n-bfae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0249.yml	38.4.0
2026-04-16T20:48:28.439985+00:00	GitLab Importer	Affected by	VCID-b2mg-kc6t-z7ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0256.yml	38.4.0
2026-04-16T20:48:23.119411+00:00	GitLab Importer	Affected by	VCID-j4d8-wr24-63d3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0248.yml	38.4.0
2026-04-16T20:48:18.441382+00:00	GitLab Importer	Affected by	VCID-axvm-3dh9-3kf6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0247.yml	38.4.0
2026-04-11T21:59:29.189464+00:00	GitLab Importer	Affected by	VCID-mrpr-pw4n-bfae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0249.yml	38.3.0
2026-04-11T21:59:22.979120+00:00	GitLab Importer	Affected by	VCID-b2mg-kc6t-z7ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0256.yml	38.3.0
2026-04-11T21:59:15.365615+00:00	GitLab Importer	Affected by	VCID-j4d8-wr24-63d3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0248.yml	38.3.0
2026-04-11T21:59:10.677793+00:00	GitLab Importer	Affected by	VCID-axvm-3dh9-3kf6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0247.yml	38.3.0
2026-04-02T22:12:40.838284+00:00	GitLab Importer	Affected by	VCID-mrpr-pw4n-bfae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0249.yml	38.1.0
2026-04-02T22:12:35.593284+00:00	GitLab Importer	Affected by	VCID-b2mg-kc6t-z7ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0256.yml	38.1.0
2026-04-02T22:12:30.133515+00:00	GitLab Importer	Affected by	VCID-j4d8-wr24-63d3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0248.yml	38.1.0
2026-04-02T22:12:26.997828+00:00	GitLab Importer	Affected by	VCID-axvm-3dh9-3kf6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0247.yml	38.1.0
2026-04-01T15:56:50.358116+00:00	GHSA Importer	Affected by	VCID-j4d8-wr24-63d3	https://github.com/advisories/GHSA-ch6p-4jcm-h8vh	38.0.0
2026-04-01T15:56:49.149065+00:00	GHSA Importer	Affected by	VCID-axvm-3dh9-3kf6	https://github.com/advisories/GHSA-6xh7-4v2w-36q6	38.0.0
2026-04-01T15:56:47.629744+00:00	GHSA Importer	Affected by	VCID-b2mg-kc6t-z7ht	https://github.com/advisories/GHSA-j8f4-2w4p-mhjc	38.0.0
2026-04-01T15:56:46.696714+00:00	GHSA Importer	Affected by	VCID-mrpr-pw4n-bfae	https://github.com/advisories/GHSA-qhqf-ghgh-x2m4	38.0.0
2026-04-01T13:03:35.463676+00:00	GithubOSV Importer	Affected by	VCID-b2mg-kc6t-z7ht	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-j8f4-2w4p-mhjc/GHSA-j8f4-2w4p-mhjc.json	38.0.0
2026-04-01T13:03:34.230675+00:00	GithubOSV Importer	Affected by	VCID-axvm-3dh9-3kf6	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-6xh7-4v2w-36q6/GHSA-6xh7-4v2w-36q6.json	38.0.0
2026-04-01T13:03:33.625093+00:00	GithubOSV Importer	Affected by	VCID-mrpr-pw4n-bfae	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-qhqf-ghgh-x2m4/GHSA-qhqf-ghgh-x2m4.json	38.0.0
2026-04-01T13:03:20.156401+00:00	GithubOSV Importer	Affected by	VCID-j4d8-wr24-63d3	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-ch6p-4jcm-h8vh/GHSA-ch6p-4jcm-h8vh.json	38.0.0
2026-04-01T12:48:01.923529+00:00	GitLab Importer	Affected by	VCID-mrpr-pw4n-bfae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0249.yml	38.0.0
2026-04-01T12:48:01.514241+00:00	GitLab Importer	Affected by	VCID-b2mg-kc6t-z7ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0256.yml	38.0.0
2026-04-01T12:48:01.210388+00:00	GitLab Importer	Affected by	VCID-j4d8-wr24-63d3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0248.yml	38.0.0
2026-04-01T12:48:00.977610+00:00	GitLab Importer	Affected by	VCID-axvm-3dh9-3kf6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/System.Net.Security/CVE-2017-0247.yml	38.0.0