VYPR

NuGet package

microsoft.aspnetcore.app.runtime.linux-arm

pkg:nuget/microsoft.aspnetcore.app.runtime.linux-arm

Vulnerabilities (21)

  • CVE-2026-26130HigMar 10, 2026
    affected >= 8.0.0, < 8.0.25fixed 8.0.25

    Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

  • CVE-2025-55315Oct 14, 2025
    affected >= 10.0.0-rc.1.25451.107, < 10.0.0-rc.2.25502.107fixed 10.0.0-rc.2.25502.107

    Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

  • CVE-2025-24070Mar 11, 2025
    affected >= 9.0.0, < 9.0.3fixed 9.0.3

    Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2024-38229Oct 8, 2024
    affected >= 9.0.0-preview.1.24081.5, < 9.0.0-rc.2.24474.3fixed 9.0.0-rc.2.24474.3

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2024-35264Jul 9, 2024
    affected >= 8.0.0, < 8.0.7fixed 8.0.7

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2024-30046May 14, 2024
    affected >= 7.0.0, < 7.0.19fixed 7.0.19

    Visual Studio Denial of Service Vulnerability

  • CVE-2024-21386Feb 13, 2024
    affected < 6.0.27fixed 6.0.27

    .NET Denial of Service Vulnerability

  • CVE-2023-33170Jul 11, 2023
    affected < 6.0.20fixed 6.0.20

    ASP.NET and Visual Studio Security Feature Bypass Vulnerability

  • CVE-2022-38013Sep 13, 2022
    affected >= 3.1.0, < 3.1.29fixed 3.1.29

    .NET Core and Visual Studio Denial of Service Vulnerability

  • CVE-2022-34716Aug 9, 2022
    affected >= 3.1.0, < 3.1.28fixed 3.1.28

    .NET Spoofing Vulnerability

  • CVE-2022-29145May 10, 2022
    affected >= 3.0.0, < 3.1.25fixed 3.1.25

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-29117May 10, 2022
    affected >= 3.0.0, < 3.1.25fixed 3.1.25

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-23267May 10, 2022
    affected >= 3.0.0, < 3.1.25fixed 3.1.25

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-24464Mar 9, 2022
    affected >= 3.0.0, < 3.1.23fixed 3.1.23

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-21986Feb 9, 2022
    affected >= 5.0.0, < 5.0.14fixed 5.0.14

    .NET Denial of Service Vulnerability

  • CVE-2021-1723Jan 12, 2021
    affected >= 3.1.0, < 3.1.11fixed 3.1.11

    ASP.NET Core and Visual Studio Denial of Service Vulnerability

  • CVE-2020-1045Sep 11, 2020
    affected >= 3.1.0, < 3.1.8fixed 3.1.8

    A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.<

  • CVE-2020-1597Aug 17, 2020
    affected >= 3.1.0, < 3.1.7fixed 3.1.7

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without auth

  • CVE-2020-1161May 21, 2020
    affected >= 3.1.0, < 3.1.4fixed 3.1.4

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

  • CVE-2020-0603Jan 14, 2020
    affected >= 3.1.0, < 3.1.1fixed 3.1.1

    A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution

Page 1 of 2