Vulnerabilities > Microsoft > ASP NET Core > 2.1.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-08 | CVE-2023-35391 | Unspecified vulnerability in Microsoft .Net and Visual Studio 2022 ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability | 7.5 |
2020-09-11 | CVE-2020-1045 | <p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p> | 7.5 |