VYPR

NuGet package

microsoft.aspnetcore.app.runtime.win-arm

pkg:nuget/microsoft.aspnetcore.app.runtime.win-arm

Vulnerabilities (23)

  • CVE-2026-26130HigMar 10, 2026
    affected >= 8.0.0, < 8.0.25fixed 8.0.25

    Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

  • CVE-2025-55315Oct 14, 2025
    affected >= 10.0.0-rc.1.25451.107, < 10.0.0-rc.2.25502.107fixed 10.0.0-rc.2.25502.107

    Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

  • CVE-2025-24070Mar 11, 2025
    affected >= 8.0.0, < 8.0.14fixed 8.0.14

    Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2024-38229Oct 8, 2024
    affected >= 9.0.0-preview.1.24081.5, < 9.0.0-rc.2.24474.3fixed 9.0.0-rc.2.24474.3

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2024-38168Aug 13, 2024
    affected >= 8.0.0, < 8.0.8fixed 8.0.8

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2024-35264Jul 9, 2024
    affected >= 8.0.0, < 8.0.7fixed 8.0.7

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2024-30046May 14, 2024
    affected >= 7.0.0, < 7.0.19fixed 7.0.19

    Visual Studio Denial of Service Vulnerability

  • CVE-2024-21386Feb 13, 2024
    affected < 6.0.27fixed 6.0.27

    .NET Denial of Service Vulnerability

  • CVE-2023-38178Aug 8, 2023
    affected >= 7.0.0, < 7.0.10fixed 7.0.10

    .NET Core and Visual Studio Denial of Service Vulnerability

  • CVE-2023-33170Jul 11, 2023
    affected < 6.0.20fixed 6.0.20

    ASP.NET and Visual Studio Security Feature Bypass Vulnerability

  • CVE-2022-38013Sep 13, 2022
    affected >= 3.1.0, < 3.1.29fixed 3.1.29

    .NET Core and Visual Studio Denial of Service Vulnerability

  • CVE-2022-34716Aug 9, 2022
    affected >= 3.1.0, < 3.1.28fixed 3.1.28

    .NET Spoofing Vulnerability

  • CVE-2022-29145May 10, 2022
    affected >= 3.0.0, < 3.1.25fixed 3.1.25

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-29117May 10, 2022
    affected >= 3.0.0, < 3.1.25fixed 3.1.25

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-23267May 10, 2022
    affected >= 3.0.0, < 3.1.25fixed 3.1.25

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-24464Mar 9, 2022
    affected >= 3.0.0, < 3.1.23fixed 3.1.23

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-21986Feb 9, 2022
    affected >= 5.0.0, < 5.0.14fixed 5.0.14

    .NET Denial of Service Vulnerability

  • CVE-2021-1723Jan 12, 2021
    affected >= 3.1.0, < 3.1.11fixed 3.1.11

    ASP.NET Core and Visual Studio Denial of Service Vulnerability

  • CVE-2020-1045Sep 11, 2020
    affected >= 3.1.0, < 3.1.8fixed 3.1.8

    A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.<

  • CVE-2020-1597Aug 17, 2020
    affected >= 3.1.0, < 3.1.7fixed 3.1.7

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without auth

Page 1 of 2