NuGet package
microsoft.aspnetcore.server.httpsys
pkg:nuget/microsoft.aspnetcore.server.httpsys
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-1075 | — | >= 2.2.0, < 2.2.6 | 2.2.6 | Jul 15, 2019 | A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. | ||
| CVE-2017-11883 | Hig | 7.5 | >= 2.0.0, < 2.0.2 | 2.0.2 | Nov 15, 2017 | .NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly handling web requests, aka ".NET CORE Denial Of Service Vulnerability". |
- CVE-2019-1075Jul 15, 2019affected >= 2.2.0, < 2.2.6fixed 2.2.6
A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'.
- affected >= 2.0.0, < 2.0.2fixed 2.0.2
.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly handling web requests, aka ".NET CORE Denial Of Service Vulnerability".