Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Asp\.net_core
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 33 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-05-21 | CVE-2020-1161 | A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. | Asp\.net_core, Visual_studio_2017, Visual_studio_2019 | 7.5 | ||
| 2020-08-17 | CVE-2020-1597 | A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application. The update addresses the vulnerability by correcting how the... | Fedora, Asp\.net_core, Visual_studio_2017, Visual_studio_2019 | 7.5 | ||
| 2020-09-11 | CVE-2020-1045 | <p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p> | Fedora, Asp\.net_core, Enterprise_linux, Enterprise_linux_aus, Enterprise_linux_eus, Enterprise_linux_tus | N/A | ||
| 2021-01-12 | CVE-2021-1723 | ASP.NET Core and Visual Studio Denial of Service Vulnerability | Fedora, Asp\.net_core, Visual_studio_2019 | N/A | ||
| 2021-08-12 | CVE-2021-34532 | ASP.NET Core and Visual Studio Information Disclosure Vulnerability | Asp\.net_core, Visual_studio_2019 | N/A | ||
| 2021-12-15 | CVE-2021-43877 | ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability | Asp\.net_core, Visual_studio_2019, Visual_studio_2022 | N/A | ||
| 2023-08-08 | CVE-2023-35391 | ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability | \.net, Asp\.net_core, Visual_studio_2022 | 7.5 | ||
| 2023-08-08 | CVE-2023-38180 | .NET and Visual Studio Denial of Service Vulnerability | Fedora, \.net, Asp\.net_core, Visual_studio_2022 | N/A | ||
| 2023-11-14 | CVE-2023-36038 | ASP.NET Core Denial of Service Vulnerability | Asp\.net_core, Visual_studio_2022 | 7.5 | ||
| 2023-11-14 | CVE-2023-36558 | ASP.NET Core - Security Feature Bypass Vulnerability | \.net, Asp\.net_core, Visual_studio_2022 | 5.5 |