Microsoft ASP.NET Core 2.1.0

CPE Details

Microsoft ASP.NET Core 2.1.0
microsoft
asp.net_core
2.1.0
2023-10-15
14h48 +00:00
2023-10-15
14h48 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:microsoft:asp.net_core:2.1.0:*:*:*:*:*:*:*

Informations

Vendor

microsoft

Product

asp.net_core

Version

2.1.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-38180 2023-08-08 18h52 +00:00 .NET and Visual Studio Denial of Service Vulnerability
7.5
High
CVE-2023-35391 2023-08-08 18h52 +00:00 ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
7.5
High
CVE-2021-34532 2021-08-12 16h12 +00:00 ASP.NET Core and Visual Studio Information Disclosure Vulnerability
5.5
Medium
CVE-2020-1045 2020-09-10 22h00 +00:00

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.

The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.

The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.
7.5
High
CVE-2018-8409 2018-09-12 22h00 +00:00 A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.
7.5
High