VYPR

Asp.net Model View Controller

by Microsoft

CVEs (4)

  • CVE-2017-0247HigMay 12, 2017
    risk 0.50cvss 7.5epss 0.17

    A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc…

  • CVE-2017-0249HigMay 12, 2017
    risk 0.48cvss 7.3epss 0.04

    An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

  • CVE-2017-0256MedMay 12, 2017
    risk 0.35cvss 5.3epss 0.04

    A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

  • CVE-2014-4075Oct 15, 2014
    risk 0.02cvss epss 0.20

    Cross-site scripting (XSS) vulnerability in System.Web.Mvc.dll in Microsoft ASP.NET Model View Controller (MVC) 2.0 through 5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted web page, aka "MVC XSS Vulnerability."