Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS0yM2N2LWpoNHYtdmZmbc4AAjRA

Denial of service in ASP.NET Core

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

Permalink: https://github.com/advisories/GHSA-23cv-jh4v-vffm
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS0yM2N2LWpoNHYtdmZmbc4AAjRA
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 1 year ago
Updated: 8 months ago

Identifiers: GHSA-23cv-jh4v-vffm, CVE-2020-0602
References:

Affected Packages

nuget:Microsoft.AspNetCore.App.Runtime.win-x86

Versions: >= 3.1.0, < 3.1.1
Fixed in: 3.1.1

nuget:Microsoft.AspNetCore.App.Runtime.win-x64

Versions: >= 3.1.0, < 3.1.1
Fixed in: 3.1.1

nuget:Microsoft.AspNetCore.App.Runtime.win-arm

Versions: >= 3.1.0, < 3.1.1
Fixed in: 3.1.1

nuget:Microsoft.AspNetCore.App.Runtime.osx-x64

Versions: >= 3.1.0, < 3.1.1
Fixed in: 3.1.1

nuget:Microsoft.AspNetCore.App.Runtime.linux-x64

Versions: >= 3.1.0, < 3.1.1
Fixed in: 3.1.1

nuget:Microsoft.AspNetCore.App.Runtime.linux-musl-x64

Versions: >= 3.1.0, < 3.1.1
Fixed in: 3.1.1

nuget:Microsoft.AspNetCore.App.Runtime.linux-arm64

Versions: >= 3.1.0, < 3.1.1
Fixed in: 3.1.1

nuget:Microsoft.AspNetCore.App.Runtime.linux-arm

Versions: >= 3.1.0, < 3.1.1
Fixed in: 3.1.1

nuget:Microsoft.AspNetCore.Http.Connections

Versions: >= 1.0.0, < 1.0.15
Fixed in: 1.0.15

nuget:Microsoft.AspNetCore.App

Versions: >= 2.1.0, < 2.1.15, = 3.0.0, = 3.1.0
Fixed in: 2.1.15, 3.0.1, 3.1.1

nuget:Microsoft.AspNetCore.All

Versions: >= 2.1.0, < 2.1.15
Fixed in: 2.1.15