Denial of service in ASP.NET Core

GHSA-23cv-jh4v-vffm · BIT-aspnet-core-2020-0602 · CVE-2020-0602

Published May 24, 2022 · Modified Nov 28, 2024

Description

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

References

Affected Packages

NuGet/Microsoft.AspNetCore.All

Fix 2.1.15

Introduced 2.1.0

15 affected versions

2.1.02.1.12.1.102.1.112.1.122.1.132.1.142.1.22.1.32.1.42.1.52.1.62.1.72.1.82.1.9

NuGet/Microsoft.AspNetCore.App

Fix 2.1.15, 3.0.1, 3.1.1

Introduced 2.1.0, 3.0.0, 3.1.0

17 affected versions

2.1.02.1.12.1.102.1.112.1.122.1.132.1.142.1.22.1.32.1.42.1.52.1.62.1.72.1.82.1.93.0.03.1.0

NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm

Fix 3.1.1

Introduced 3.1.0

1 affected version

3.1.0

NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm64

Fix 3.1.1

Introduced 3.1.0

1 affected version

3.1.0

NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-x64

Fix 3.1.1

Introduced 3.1.0

1 affected version

3.1.0

NuGet/Microsoft.AspNetCore.App.Runtime.linux-x64

Fix 3.1.1

Introduced 3.1.0

1 affected version

3.1.0

NuGet/Microsoft.AspNetCore.App.Runtime.osx-x64

Fix 3.1.1

Introduced 3.1.0

1 affected version

3.1.0

NuGet/Microsoft.AspNetCore.App.Runtime.win-arm

Fix 3.1.1

Introduced 3.1.0

1 affected version

3.1.0

NuGet/Microsoft.AspNetCore.App.Runtime.win-x64

Fix 3.1.1

Introduced 3.1.0

1 affected version

3.1.0

NuGet/Microsoft.AspNetCore.App.Runtime.win-x86

Fix 3.1.1

Introduced 3.1.0

1 affected version

3.1.0

NuGet/Microsoft.AspNetCore.Http.Connections

Fix 1.0.15

Introduced 1.0.0

5 affected versions

1.0.01.0.11.0.21.0.31.0.4

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes