You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
Microsoft.AspNetCore.Http 2.2.0
[CVE-2020-1045] CWE-noinfo
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.
The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.
The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.
The text was updated successfully, but these errors were encountered:
Microsoft.AspNetCore.Mvc.ViewFeatures has dependecy to
Microsoft.AspNetCore.Routing 2.2.0
[CVE-2020-1161] CWE-20: Improper Input Validation
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
Microsoft.AspNetCore.Http 2.2.0
[CVE-2020-1045] CWE-noinfo
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.
The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.
The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.
The text was updated successfully, but these errors were encountered: