VulnerableCode Package Details - pkg:nuget/Microsoft.AspNetCore.All@3.0.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-63fu-pwhf-aaaf Aliases: CVE-2020-0602 GHSA-23cv-jh4v-vffm	Improper Input Validation A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.	3.1.1 Affected by 0 other vulnerabilities.
VCID-c413-2csk-aaam Aliases: CVE-2020-0603 GHSA-655q-9gvg-q4cm	Out-of-bounds Write A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.	3.1.1 Affected by 0 other vulnerabilities.
VCID-rt1q-nt91-aaar Aliases: CVE-2019-1302 GHSA-xr8f-59pp-rxxh	Improper Input Validation An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-63fu-pwhf-aaaf
Aliases:
CVE-2020-0602
GHSA-23cv-jh4v-vffm

Improper Input Validation A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

3.1.1
Affected by 0 other vulnerabilities.

VCID-c413-2csk-aaam
Aliases:
CVE-2020-0603
GHSA-655q-9gvg-q4cm

Out-of-bounds Write A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.

3.1.1
Affected by 0 other vulnerabilities.

VCID-rt1q-nt91-aaar
Aliases:
CVE-2019-1302
GHSA-xr8f-59pp-rxxh

Improper Input Validation An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-01-16T23:28:18.125585+00:00	GitLab Importer	Affected by	VCID-c413-2csk-aaam	None	35.1.0
2025-01-16T23:28:18.088035+00:00	GitLab Importer	Affected by	VCID-63fu-pwhf-aaaf	None	35.1.0
2025-01-16T23:28:17.608479+00:00	GitLab Importer	Affected by	VCID-rt1q-nt91-aaar	None	35.1.0
2024-09-17T22:45:28.693824+00:00	GitLab Importer	Affected by	VCID-c413-2csk-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2020-0603.yml	34.0.1
2024-09-17T22:45:28.572798+00:00	GitLab Importer	Affected by	VCID-63fu-pwhf-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2020-0602.yml	34.0.1
2024-09-17T22:45:27.867255+00:00	GitLab Importer	Affected by	VCID-rt1q-nt91-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2019-1302.yml	34.0.1
2024-01-03T18:06:56.392485+00:00	GitLab Importer	Affected by	VCID-c413-2csk-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2020-0603.yml	34.0.0rc1
2024-01-03T18:06:56.301007+00:00	GitLab Importer	Affected by	VCID-63fu-pwhf-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2020-0602.yml	34.0.0rc1
2024-01-03T18:06:55.670380+00:00	GitLab Importer	Affected by	VCID-rt1q-nt91-aaar	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.AspNetCore.All/CVE-2019-1302.yml	34.0.0rc1