Search for packages
| purl | pkg:nuget/Microsoft.AspNetCore.All@2.2.0 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1va4-u1vh-aaab
Aliases: CVE-2019-0548 |
Uncontrolled Resource Consumption A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core, ASP.NET Core This CVE ID is unique from CVE-2019-0564. | There are no reported fixed by versions. |
|
VCID-a5x1-xfpf-aaag
Aliases: CVE-2019-0815 |
Uncontrolled Resource Consumption A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. |
Affected by 4 other vulnerabilities. |
|
VCID-b4f8-17jc-aaap
Aliases: CVE-2018-8269 GHSA-mv2r-q4g5-j8q5 |
Microsoft.Data.OData Library improperly handles web requests |
Affected by 3 other vulnerabilities. |
|
VCID-bsmn-prby-aaan
Aliases: CVE-2020-1597 GHSA-f8qx-mjcq-wfgx |
Improper Input Validation A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. |
Affected by 0 other vulnerabilities. |
|
VCID-h1ra-1p9m-aaag
Aliases: CVE-2019-0564 GHSA-6px8-22w5-w334 |
Uncontrolled Resource Consumption A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core This CVE ID is unique from CVE-2019-0548. |
Affected by 4 other vulnerabilities. |
|
VCID-qfp7-4wbw-aaaf
Aliases: CVE-2019-0982 GHSA-4jxx-4qxw-prxm |
Uncontrolled Resource Consumption A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. |
Affected by 4 other vulnerabilities. |
|
VCID-rcjn-7ufv-aaag
Aliases: CVE-2020-1045 GHSA-hxrm-9w7p-39cc |
Improper Input Validation A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded. The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names., aka 'Microsoft ASP.NET Core Security Feature Bypass Vulnerability'. |
Affected by 0 other vulnerabilities. |
|
VCID-rt1q-nt91-aaar
Aliases: CVE-2019-1302 GHSA-xr8f-59pp-rxxh |
Improper Input Validation An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'. | There are no reported fixed by versions. |
|
VCID-tsvj-kuwx-aaag
Aliases: CVE-2019-1075 GHSA-prrf-397v-83xh |
URL Redirection to Untrusted Site ('Open Redirect') A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. |
Affected by 4 other vulnerabilities. Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-h1ra-1p9m-aaag | Uncontrolled Resource Consumption A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core This CVE ID is unique from CVE-2019-0548. |
CVE-2019-0564
GHSA-6px8-22w5-w334 |