VulnerableCode Package Details - pkg:nuget/Microsoft.AspNetCore.All@1.1

Search for packages

Package details: pkg:nuget/Microsoft.AspNetCore.All@1.1

Essentials
History (0)

purl	pkg:nuget/Microsoft.AspNetCore.All@1.1
Tags	Ghost

Next non-vulnerable version	2.1.30
Latest non-vulnerable version	2.1.30
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-4ycz-b62h-aaae Aliases: CVE-2017-8700 GHSA-3rp6-rjw4-cq39	Permissive Cross-domain Policy with Untrusted Domains ASP.NET Core allow an attacker to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted content from a web application, aka "ASP.NET Core Information Disclosure Vulnerability".	2.0.3 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kqu6-94cz-aaaq Aliases: CVE-2018-0875 GHSA-xcvr-qv8h-m7xw	Uncontrolled Resource Consumption .NET Core, .NET Core, NET Core and PowerShell Core allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".	2.0.0-preview1-final Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.0.3 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-4ycz-b62h-aaae
Aliases:
CVE-2017-8700
GHSA-3rp6-rjw4-cq39

Permissive Cross-domain Policy with Untrusted Domains ASP.NET Core allow an attacker to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted content from a web application, aka "ASP.NET Core Information Disclosure Vulnerability".

2.0.3
Affected by 3 other vulnerabilities.

VCID-kqu6-94cz-aaaq
Aliases:
CVE-2018-0875
GHSA-xcvr-qv8h-m7xw

Uncontrolled Resource Consumption .NET Core, .NET Core, NET Core and PowerShell Core allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".

2.0.0-preview1-final
Affected by 5 other vulnerabilities.

2.0.3
Affected by 3 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version