System.text.encodings.web
by Microsoft
nuget: system.text.encodings.web
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0247 | Hig | 0.50 | 7.5 | 0.17 | May 12, 2017 | A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc… | ||
| CVE-2017-0249 | Hig | 0.48 | 7.3 | 0.04 | May 12, 2017 | An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests. | ||
| CVE-2017-0256 | Med | 0.35 | 5.3 | 0.04 | May 12, 2017 | A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests. |
- risk 0.50cvss 7.5epss 0.17
A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc…
- risk 0.48cvss 7.3epss 0.04
An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.
- risk 0.35cvss 5.3epss 0.04
A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.