NuGet package
microsoft.owin
pkg:nuget/microsoft.owin
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-29117 | — | < 4.2.2 | 4.2.2 | May 10, 2022 | .NET and Visual Studio Denial of Service Vulnerability | ||
| CVE-2020-1045 | — | < 4.1.1 | 4.1.1 | Sep 11, 2020 | A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.< |
- CVE-2022-29117May 10, 2022affected < 4.2.2fixed 4.2.2
.NET and Visual Studio Denial of Service Vulnerability
- CVE-2020-1045Sep 11, 2020affected < 4.1.1fixed 4.1.1
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.<