A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.
Max CVSS
5.3
EPSS Score
0.11%
Published
2017-05-12
Updated
2021-06-30
An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.
Max CVSS
7.5
EPSS Score
0.15%
Published
2017-05-12
Updated
2021-06-30
A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc before 1.0.4 and 1.1.x before 1.1.3 allows remote attackers to cause a denial of service by leveraging failure to properly calculate the length of 4-byte characters in the Unicode Non-Character range.
Max CVSS
7.5
EPSS Score
0.35%
Published
2017-05-12
Updated
2021-06-30
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!