Search for packages
| purl | pkg:nuget/Microsoft.AspNetCore.All@2.1.10 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-63fu-pwhf-aaaf
Aliases: CVE-2020-0602 GHSA-23cv-jh4v-vffm |
Improper Input Validation A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-b4f8-17jc-aaap
Aliases: CVE-2018-8269 GHSA-mv2r-q4g5-j8q5 |
Microsoft.Data.OData Library improperly handles web requests |
Affected by 5 other vulnerabilities. Affected by 5 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-bsmn-prby-aaan
Aliases: CVE-2020-1597 GHSA-f8qx-mjcq-wfgx |
Improper Input Validation A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-c413-2csk-aaam
Aliases: CVE-2020-0603 GHSA-655q-9gvg-q4cm |
Out-of-bounds Write A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'. |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-qfp7-4wbw-aaaf
Aliases: CVE-2019-0982 GHSA-4jxx-4qxw-prxm |
Uncontrolled Resource Consumption A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. |
Affected by 4 other vulnerabilities. |
|
VCID-rcjn-7ufv-aaag
Aliases: CVE-2020-1045 GHSA-hxrm-9w7p-39cc |
Improper Input Validation A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded. The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names., aka 'Microsoft ASP.NET Core Security Feature Bypass Vulnerability'. |
Affected by 0 other vulnerabilities. |
|
VCID-rt1q-nt91-aaar
Aliases: CVE-2019-1302 GHSA-xr8f-59pp-rxxh |
Improper Input Validation An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'. | There are no reported fixed by versions. |
|
VCID-tsvj-kuwx-aaag
Aliases: CVE-2019-1075 GHSA-prrf-397v-83xh |
URL Redirection to Untrusted Site ('Open Redirect') A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. |
Affected by 6 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||