cliffcrerar / asp.sandbox Goto Github PK

Vulnerable Library - Microsoft.AspNetCore.Server.Kestrel.Core-3.100.320.12812.dll

Microsoft.AspNetCore.Server.Kestrel.Core

Library home page: https://api.nuget.org/packages/docify.0.2.3.nupkg

Path to vulnerable library: /SandboxOne/bin/Debug/netcoreapp3.1/refs/Microsoft.AspNetCore.Server.Kestrel.Core.dll

Dependency Hierarchy:

• ❌ Microsoft.AspNetCore.Server.Kestrel.Core-3.100.320.12812.dll (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

ASP.NET Core and Visual Studio Denial of Service Vulnerability

Publish Date: 2021-01-12

URL: CVE-2021-1723

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-1723

Release Date: 2021-01-12

Fix Resolution: Microsoft.AspNetCore.App.Runtime.win-arm64 - 5.0.2;LiveReloadServer - 1.1.0;Plugga.Core - 1.0.2;Maple.Branch.Module - 1.0.4;Microsoft.AspNetCore.Components.WebAssembly.Server - 5.0.1,5.0.0-rc.1.20451.17;AspNetCoreRuntime.5.0.x64 - 5.0.2;AspNetCoreRuntime.5.0.x86 - 5.0.2;Microsoft.AspNetCore.App.Runtime.osx-x64 - 5.0.2,3.1.10;GrazeDocs - 2.0.1;Microsoft.AspNetCore.App.Runtime.linux-musl-arm - 5.0.2;Microsoft.AspNetCore.App.Runtime.linux-musl-x64 - 5.0.2,3.1.10;YHWins.Template - 1.1.0;Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Runtime.linux-arm64 - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Ref - 3.1.10,6.0.0-rc.1.21452.15;Microsoft.AspNetCore.Blazor.DevServer - 3.2.0-preview1.20073.1,3.1.0-preview4.19579.2;Microsoft.AspNetCore.App.Runtime.linux-arm - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Runtime.linux-x64 - 3.1.10,5.0.2;stankins.console - 2020.12.20-beta298;Toolbelt.Blazor.DevServer.WithCssLiveReloader - 5.0.1,5.0.0-rc.1.20451.17;DragonFire.Server - 0.0.1-alpha.0;PoExtractor.OrchardCore - 0.5.0-rc2-16220;Microsoft.AspNetCore.App.Runtime.win-arm - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Runtime.win-x64 - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Runtime.win-x86 - 3.1.10,5.0.2;HuLu.Template.Api - 1.0.2;AspNetCoreRuntime.3.1.x64 - 3.1.10;AspNetCoreRuntime.3.1.x86 - 3.1.10;Microsoft.AspNetCore.Components.WebAssembly.DevServer - 5.0.0-rc.1.20451.17,5.0.1;Microsoft.AspNetCore.App.Runtime.win-arm64 - 3.1.10;lingman-webapi - 0.0.18

Vulnerable Libraries - jquery-3.4.1.js, jquery-3.3.1.min.js, jquery-3.3.1.js, jquery-3.4.1.min.js

Found in base branch: master

Vulnerability Details

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Publish Date: 2020-04-29

URL: CVE-2020-11023

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6,https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440

Release Date: 2020-04-29

Fix Resolution: jquery - 3.5.0;jquery-rails - 4.4.0

Vulnerable Library - system.net.http.4.3.0.nupkg

Provides a programming interface for modern HTTP applications, including HTTP client components that...

Library home page: https://api.nuget.org/packages/system.net.http.4.3.0.nupkg

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • newtonsoft.json.bson.1.0.1.nupkg
        • netstandard.library.1.6.1.nupkg
          • ❌ system.net.http.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc before 1.0.4 and 1.1.x before 1.1.3 allows remote attackers to cause a denial of service by leveraging failure to properly calculate the length of 4-byte characters in the Unicode Non-Character range.

Publish Date: 2017-05-12

URL: CVE-2017-0247

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Release Date: 2017-05-12

Fix Resolution: System.Text.Encodings.Web - 4.0.1,4.3.1;System.Net.Http - 4.1.2,4.3.2;System.Net.Http.WinHttpHandler - 4.0.2,4.5.4;System.Net.Security - 4.0.1,4.3.1;System.Net.WebSockets.Client - 4.0.1,4.3.1;Microsoft.AspNetCore.Mvc - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Core - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Abstractions - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.ApiExplorer - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Cors - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.DataAnnotations - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Formatters.Json - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Formatters.Xml - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Localization - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Razor.Host - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Razor - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.TagHelpers - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.ViewFeatures - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.WebApiCompatShim - 1.0.4,1.1.3

Vulnerable Library - system.net.http.4.3.0.nupkg

Provides a programming interface for modern HTTP applications, including HTTP client components that...

Library home page: https://api.nuget.org/packages/system.net.http.4.3.0.nupkg

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • newtonsoft.json.bson.1.0.1.nupkg
        • netstandard.library.1.6.1.nupkg
          • ❌ system.net.http.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."

Publish Date: 2017-05-12

URL: CVE-2017-0248

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Release Date: 2017-05-12

Fix Resolution: System.Text.Encodings.Web - 4.0.1, 4.3.1;System.Net.Http - 4.1.2, 4.3.2;System.Net.Http.WinHttpHandler - 4.0.2, 4.3.1;System.Net.Security - 4.0.1, 4.3.1;System.Net.WebSockets.Client - 4.0.1, 4.3.1;Microsoft.AspNetCore.Mvc - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.Core - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.Abstractions - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.ApiExplorer - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.Cors - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.DataAnnotations - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.Formatters.Json - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.Formatters.Xml - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.Localization - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.Razor.Host - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.Razor - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.TagHelpers - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.ViewFeatures - 1.0.4, 1.1.3;Microsoft.AspNetCore.Mvc.WebApiCompatShim - 1.0.4, 1.1.3

Vulnerable Libraries - jszip-3.2.1.js, jszip-3.2.2.min.js

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.

Publish Date: 2023-01-29

URL: CVE-2022-48285

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2022-48285

Release Date: 2023-01-29

Fix Resolution: jszip - 3.8.0

Vulnerable Libraries - jquery.validate-1.17.0.js, jquery.validate-1.17.0.min.js

Found in base branch: master

Vulnerability Details

The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix for CVE-2021-43306. Users should upgrade to version 1.19.5 to receive a patch.

Publish Date: 2022-07-14

URL: CVE-2022-31147

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-ffmh-x56j-9rc3

Release Date: 2022-07-14

Fix Resolution: jquery-validation - 1.19.5

Vulnerable Libraries - jquery-3.3.1.min.js, jquery-3.3.1.js

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

Publish Date: 2019-04-20

URL: CVE-2019-11358

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358

Release Date: 2019-04-20

Fix Resolution: jquery - 3.4.0

Vulnerable Libraries - jquery-3.4.1.js, jquery-3.3.1.min.js, jquery-3.3.1.js, microsoft.visualstudio.web.codegenerators.mvc.3.1.1.nupkg, jquery-3.4.1.min.js

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Publish Date: 2020-04-29

URL: CVE-2020-11022

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022

Release Date: 2020-04-29

Fix Resolution: jQuery - 3.5.0

Vulnerable Libraries - jszip-3.2.1.js, jszip-3.2.2.min.js

Found in base branch: master

Vulnerability Details

loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.

Publish Date: 2023-01-29

URL: CVE-2022-48285

CVSS 3 Score Details (7.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Release Date: 2023-01-29

Fix Resolution: jszip - 3.8.0

Vulnerable Library - system.text.regularexpressions.4.3.0.nupkg

Provides the System.Text.RegularExpressions.Regex class, an implementation of a regular expression e...

Library home page: https://api.nuget.org/packages/system.text.regularexpressions.4.3.0.nupkg

Path to dependency file: /SandboxOne/SandboxOne.csproj

Path to vulnerable library: /SandboxOne/SandboxOne.csproj

Dependency Hierarchy:

• microsoft.visualstudio.web.codegeneration.design.3.1.1.nupkg (Root Library)
  • microsoft.visualstudio.web.codegenerators.mvc.3.1.1.nupkg
    • microsoft.visualstudio.web.codegeneration.3.1.1.nupkg
      • microsoft.visualstudio.web.codegeneration.entityframeworkcore.3.1.1.nupkg
        • microsoft.visualstudio.web.codegeneration.core.3.1.1.nupkg
          • microsoft.visualstudio.web.codegeneration.templating.3.1.1.nupkg
            • microsoft.visualstudio.web.codegeneration.utils.3.1.1.nupkg
              • NuGet.Frameworks-4.7.0
                • netstandard.library.1.6.1.nupkg
                  • system.xml.xdocument.4.3.0.nupkg
                  • system.xml.readerwriter.4.3.0.nupkg
                  • ❌ system.text.regularexpressions.4.3.0.nupkg (Vulnerable Library)

Found in base branch: master

Vulnerability Details

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

Publish Date: 2019-05-16

URL: CVE-2019-0820

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-cmhx-cq75-c4mj

Release Date: 2019-05-16

Fix Resolution: System.Text.RegularExpressions - 4.3.1

Vulnerable Library - microsoft.aspnetcore.mvc.core.2.0.0.nupkg

ASP.NET Core MVC core components. Contains common action result types, attribute routing, applicatio...

Library home page: https://api.nuget.org/packages/microsoft.aspnetcore.mvc.core.2.0.0.nupkg

Path to dependency file: /SandboxOne/SandboxOne.csproj

Path to vulnerable library: /SandboxOne/SandboxOne.csproj

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • ❌ microsoft.aspnetcore.mvc.core.2.0.0.nupkg (Vulnerable Library)

Found in base branch: master

Vulnerability Details

ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".

Publish Date: 2017-11-15

URL: CVE-2017-11879

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2017-11-14

Fix Resolution: Microsoft.AspNetCore.All - 2.0.3;Microsoft.AspNetCore.Mvc.Core - 2.0.1

Vulnerable Libraries - jquery-3.4.1.js, jquery-3.3.1.min.js, jquery-3.3.1.js, microsoft.visualstudio.web.codegenerators.mvc.3.1.1.nupkg, jquery-3.4.1.min.js

Found in base branch: master

Vulnerability Details

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Publish Date: 2020-04-29

URL: CVE-2020-11022

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022

Release Date: 2020-04-29

Fix Resolution: jQuery - 3.5.0

Vulnerable Libraries - jquery-3.4.1.js, jquery-3.3.1.min.js, jquery-3.3.1.js, jquery-3.4.1.min.js

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Publish Date: 2020-04-29

URL: CVE-2020-11023

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6,https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440

Release Date: 2020-04-29

Fix Resolution: jquery - 3.5.0;jquery-rails - 4.4.0

Vulnerable Libraries - Newtonsoft.Json-11.0.2.21924.dll, newtonsoft.json.11.0.2.nupkg

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

Improper Handling of Exceptional Conditions in Newtonsoft.Json.
Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of StackOverFlow exception (SOE) whenever nested expressions are being processed. Exploiting this vulnerability results in Denial Of Service (DoS), and it is exploitable when an attacker sends 5 requests that cause SOE in time frame of 5 minutes. This vulnerability affects Internet Information Services (IIS) Applications.

Publish Date: 2022-06-22

URL: WS-2022-0161

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2022-06-22

Fix Resolution: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0

Vulnerable Library - system.net.http.4.3.0.nupkg

Provides a programming interface for modern HTTP applications, including HTTP client components that...

Library home page: https://api.nuget.org/packages/system.net.http.4.3.0.nupkg

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • newtonsoft.json.bson.1.0.1.nupkg
        • netstandard.library.1.6.1.nupkg
          • ❌ system.net.http.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

Publish Date: 2017-05-12

URL: CVE-2017-0249

CVSS 3 Score Details (7.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Release Date: 2017-05-12

Fix Resolution: System.Text.Encodings.Web - 4.0.1,4.3.1;System.Net.Http - 4.1.2,4.3.2;System.Net.Http.WinHttpHandler - 4.0.2,4.3.1;System.Net.Security - 4.0.1,4.3.1;System.Net.WebSockets.Client - 4.0.1,4.3.1;Microsoft.AspNetCore.Mvc - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Core - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Abstractions - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.ApiExplorer - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Cors - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.DataAnnotations - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Formatters.Json - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Formatters.Xml - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Localization - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Razor.Host - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Razor - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.TagHelpers - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.ViewFeatures - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.WebApiCompatShim - 1.0.4,1.1.3

Vulnerable Library - system.text.regularexpressions.4.3.0.nupkg

Provides the System.Text.RegularExpressions.Regex class, an implementation of a regular expression e...

Library home page: https://api.nuget.org/packages/system.text.regularexpressions.4.3.0.nupkg

Dependency Hierarchy:

• microsoft.visualstudio.web.codegeneration.design.3.1.1.nupkg (Root Library)
  • microsoft.visualstudio.web.codegenerators.mvc.3.1.1.nupkg
    • microsoft.visualstudio.web.codegeneration.3.1.1.nupkg
      • microsoft.visualstudio.web.codegeneration.entityframeworkcore.3.1.1.nupkg
        • microsoft.visualstudio.web.codegeneration.core.3.1.1.nupkg
          • microsoft.visualstudio.web.codegeneration.templating.3.1.1.nupkg
            • microsoft.visualstudio.web.codegeneration.utils.3.1.1.nupkg
              • NuGet.Frameworks-4.7.0
                • netstandard.library.1.6.1.nupkg
                  • system.xml.xdocument.4.3.0.nupkg
                  • system.xml.readerwriter.4.3.0.nupkg
                  • ❌ system.text.regularexpressions.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
Mend Note: After conducting further research, Mend has determined that CVE-2019-0820 only affects environments with versions 4.3.0 and 4.3.1 only on netcore50 environment of system.text.regularexpressions.nupkg.

Publish Date: 2019-05-16

URL: CVE-2019-0820

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-cmhx-cq75-c4mj

Release Date: 2019-05-16

Fix Resolution: System.Text.RegularExpressions - 4.3.1

Vulnerable Library - Microsoft.AspNetCore.Server.Kestrel.Core-3.100.320.12812.dll

Microsoft.AspNetCore.Server.Kestrel.Core

Library home page: https://api.nuget.org/packages/docify.0.2.3.nupkg

Path to vulnerable library: /SandboxOne/bin/Debug/netcoreapp3.1/refs/Microsoft.AspNetCore.Server.Kestrel.Core.dll

Dependency Hierarchy:

• ❌ Microsoft.AspNetCore.Server.Kestrel.Core-3.100.320.12812.dll (Vulnerable Library)

Found in base branch: master

Vulnerability Details

ASP.NET Core and Visual Studio Denial of Service Vulnerability

Publish Date: 2021-01-12

URL: CVE-2021-1723

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-1723

Release Date: 2021-01-12

Fix Resolution: Microsoft.AspNetCore.App.Runtime.win-arm64 - 5.0.2;LiveReloadServer - 1.1.0;Plugga.Core - 1.0.2;Maple.Branch.Module - 1.0.4;Microsoft.AspNetCore.Components.WebAssembly.Server - 5.0.1,5.0.0-rc.1.20451.17;AspNetCoreRuntime.5.0.x64 - 5.0.2;AspNetCoreRuntime.5.0.x86 - 5.0.2;Microsoft.AspNetCore.App.Runtime.osx-x64 - 5.0.2,3.1.10;GrazeDocs - 2.0.1;Microsoft.AspNetCore.App.Runtime.linux-musl-arm - 5.0.2;Microsoft.AspNetCore.App.Runtime.linux-musl-x64 - 5.0.2,3.1.10;YHWins.Template - 1.1.0;Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Runtime.linux-arm64 - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Ref - 3.1.10,6.0.0-rc.1.21452.15;Microsoft.AspNetCore.Blazor.DevServer - 3.2.0-preview1.20073.1,3.1.0-preview4.19579.2;Microsoft.AspNetCore.App.Runtime.linux-arm - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Runtime.linux-x64 - 3.1.10,5.0.2;stankins.console - 2020.12.20-beta298;Toolbelt.Blazor.DevServer.WithCssLiveReloader - 5.0.1,5.0.0-rc.1.20451.17;DragonFire.Server - 0.0.1-alpha.0;PoExtractor.OrchardCore - 0.5.0-rc2-16220;Microsoft.AspNetCore.App.Runtime.win-arm - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Runtime.win-x64 - 3.1.10,5.0.2;Microsoft.AspNetCore.App.Runtime.win-x86 - 3.1.10,5.0.2;HuLu.Template.Api - 1.0.2;AspNetCoreRuntime.3.1.x64 - 3.1.10;AspNetCoreRuntime.3.1.x86 - 3.1.10;Microsoft.AspNetCore.Components.WebAssembly.DevServer - 5.0.0-rc.1.20451.17,5.0.1;Microsoft.AspNetCore.App.Runtime.win-arm64 - 3.1.10;lingman-webapi - 0.0.18

Vulnerable Libraries - jquery.validate-1.17.0.js, jquery.validate-1.17.0.min.js

Found in base branch: master

Vulnerability Details

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.

Publish Date: 2021-01-13

URL: CVE-2021-21252

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-jxwx-85vp-gvwm

Release Date: 2021-01-13

Fix Resolution: jquery-validation - 1.19.3

Vulnerable Libraries - Newtonsoft.Json-11.0.2.21924.dll, newtonsoft.json.11.0.2.nupkg

Found in base branch: master

Vulnerability Details

Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.

Publish Date: 2024-01-03

URL: CVE-2024-21907

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-5crp-9r3c-p9vr

Release Date: 2024-01-03

Fix Resolution: Newtonsoft.Json - 13.0.1

Vulnerable Library - system.security.cryptography.xml.4.4.0.nupkg

Library home page: https://api.nuget.org/packages/system.security.cryptography.xml.4.4.0.nupkg

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • microsoft.aspnetcore.antiforgery.2.0.0.nupkg
        • microsoft.aspnetcore.dataprotection.2.0.0.nupkg
          • ❌ system.security.cryptography.xml.4.4.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET 6.0. An information disclosure vulnerability exists in .NET Core 3.1 and .NET 6.0 that could lead to unauthorized access of privileged information.

Affected software

• Any .NET 6.0 application running on .NET 6.0.7 or earlier.
• Any .NET Core 3.1 applicaiton running on .NET Core 3.1.27 or earlier.

Patches

• If you're using .NET 6.0, you should download and install Runtime 6.0.8 or SDK 6.0.108 (for Visual Studio 2022 v17.1) from https://dotnet.microsoft.com/download/dotnet-core/6.0.
• If you're using .NET Core 3.1, you should download and install Runtime 3.1.28 (for Visual Studio 2019 v16.9) from https://dotnet.microsoft.com/download/dotnet-core/3.1.

Publish Date: 2022-08-09

URL: CVE-2022-34716

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-2m65-m22p-9wjw

Release Date: 2022-08-09

Fix Resolution: Microsoft.AspNetCore.App.Runtime.linux-arm - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-arm64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-musl-arm - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-musl-x64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-x64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.osx-x64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.win-arm - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.win-arm64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.win-x64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.win-x86 - 3.1.28,6.0.8;System.Security.Cryptography.Xml - 4.7.1,6.0.1

Vulnerable Library - microsoft.aspnetcore.http.2.0.0.nupkg

ASP.NET Core default HTTP feature implementations.

Library home page: https://api.nuget.org/packages/microsoft.aspnetcore.http.2.0.0.nupkg

Path to dependency file: /SandboxOne/SandboxOne.csproj

Path to vulnerable library: /SandboxOne/SandboxOne.csproj

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • microsoft.aspnetcore.mvc.core.2.0.0.nupkg
        • microsoft.aspnetcore.authentication.core.2.0.0.nupkg
          • ❌ microsoft.aspnetcore.http.2.0.0.nupkg (Vulnerable Library)

Found in base branch: master

Vulnerability Details

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.

The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.

The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.

Publish Date: 2020-09-11

URL: CVE-2020-1045

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Release Date: 2020-09-11

Fix Resolution: Microsoft.AspNetCore.App - 2.1.22, Microsoft.AspNetCore.All - 2.1.22,Microsoft.NETCore.App - 2.1.22, Microsoft.AspNetCore.Http - 2.1.22

Vulnerable Library - system.security.cryptography.xml.4.4.0.nupkg

Library home page: https://api.nuget.org/packages/system.security.cryptography.xml.4.4.0.nupkg

Path to dependency file: /SandboxOne/SandboxOne.csproj

Path to vulnerable library: /SandboxOne/SandboxOne.csproj

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • microsoft.aspnetcore.antiforgery.2.0.0.nupkg
        • microsoft.aspnetcore.dataprotection.2.0.0.nupkg
          • ❌ system.security.cryptography.xml.4.4.0.nupkg (Vulnerable Library)

Found in base branch: master

Vulnerability Details

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET 6.0. An information disclosure vulnerability exists in .NET Core 3.1 and .NET 6.0 that could lead to unauthorized access of privileged information.

Affected software

• Any .NET 6.0 application running on .NET 6.0.7 or earlier.
• Any .NET Core 3.1 applicaiton running on .NET Core 3.1.27 or earlier.

Patches

• If you're using .NET 6.0, you should download and install Runtime 6.0.8 or SDK 6.0.108 (for Visual Studio 2022 v17.1) from https://dotnet.microsoft.com/download/dotnet-core/6.0.
• If you're using .NET Core 3.1, you should download and install Runtime 3.1.28 (for Visual Studio 2019 v16.9) from https://dotnet.microsoft.com/download/dotnet-core/3.1.

Publish Date: 2022-08-09

URL: CVE-2022-34716

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-2m65-m22p-9wjw

Release Date: 2022-08-09

Fix Resolution: Microsoft.AspNetCore.App.Runtime.linux-arm - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-arm64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-musl-arm - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-musl-x64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.linux-x64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.osx-x64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.win-arm - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.win-arm64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.win-x64 - 3.1.28,6.0.8;Microsoft.AspNetCore.App.Runtime.win-x86 - 3.1.28,6.0.8;System.Security.Cryptography.Xml - 4.7.1,6.0.1

Vulnerable Library - microsoft.aspnetcore.http.2.0.0.nupkg

ASP.NET Core default HTTP feature implementations.

Library home page: https://api.nuget.org/packages/microsoft.aspnetcore.http.2.0.0.nupkg

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • microsoft.aspnetcore.mvc.core.2.0.0.nupkg
        • microsoft.aspnetcore.authentication.core.2.0.0.nupkg
          • ❌ microsoft.aspnetcore.http.2.0.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names., aka 'Microsoft ASP.NET Core Security Feature Bypass Vulnerability'.

Publish Date: 2020-09-11

URL: CVE-2020-1045

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Release Date: 2020-09-11

Fix Resolution: Microsoft.AspNetCore.App - 2.1.22, Microsoft.AspNetCore.All - 2.1.22,Microsoft.NETCore.App - 2.1.22, Microsoft.AspNetCore.Http - 2.1.22

Vulnerable Library - system.text.encodings.web.4.5.0.nupkg

Provides types for encoding and escaping strings for use in JavaScript, HyperText Markup Language (H...

Library home page: https://api.nuget.org/packages/system.text.encodings.web.4.5.0.nupkg

Dependency Hierarchy:

• microsoft.visualstudio.web.codegeneration.design.3.1.1.nupkg (Root Library)
  • microsoft.visualstudio.web.codegenerators.mvc.3.1.1.nupkg
    • microsoft.visualstudio.web.codegeneration.3.1.1.nupkg
      • microsoft.visualstudio.web.codegeneration.entityframeworkcore.3.1.1.nupkg
        • microsoft.visualstudio.web.codegeneration.core.3.1.1.nupkg
          • microsoft.visualstudio.web.codegeneration.templating.3.1.1.nupkg
            • microsoft.aspnetcore.razor.runtime.2.2.0.nupkg
              • microsoft.aspnetcore.html.abstractions.2.2.0.nupkg
                • ❌ system.text.encodings.web.4.5.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112.

Publish Date: 2021-02-25

URL: CVE-2021-26701

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2021-02-25

Fix Resolution: System.Text.Encodings.Web - 4.5.1,4.7.2,5.0.1

Vulnerable Libraries - jquery.validate-1.17.0.js, jquery.validate-1.17.0.min.js

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.

Publish Date: 2021-01-13

URL: CVE-2021-21252

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-jxwx-85vp-gvwm

Release Date: 2021-01-13

Fix Resolution: jquery-validation - 1.19.3

Vulnerable Libraries - jquery-3.4.1.js, jquery-3.3.1.min.js, jquery-3.3.1.js, jquery-3.4.1.min.js

Found in base branch: master

Vulnerability Details

Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the element.

Publish Date: 2023-06-26

URL: CVE-2020-23064

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/

Release Date: 2023-06-26

Fix Resolution: jquery - 3.5.0

Vulnerable Library - system.net.http.4.3.0.nupkg

Provides a programming interface for modern HTTP applications, including HTTP client components that...

Library home page: https://api.nuget.org/packages/system.net.http.4.3.0.nupkg

Dependency Hierarchy:

• microsoft.visualstudio.web.codegeneration.design.3.1.1.nupkg (Root Library)
  • microsoft.visualstudio.web.codegenerators.mvc.3.1.1.nupkg
    • microsoft.visualstudio.web.codegeneration.3.1.1.nupkg
      • microsoft.visualstudio.web.codegeneration.entityframeworkcore.3.1.1.nupkg
        • microsoft.visualstudio.web.codegeneration.core.3.1.1.nupkg
          • microsoft.visualstudio.web.codegeneration.templating.3.1.1.nupkg
            • microsoft.visualstudio.web.codegeneration.utils.3.1.1.nupkg
              • NuGet.Frameworks-4.7.0
                • netstandard.library.1.6.1.nupkg
                  • ❌ system.net.http.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.

Publish Date: 2018-10-10

URL: CVE-2018-8292

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Release Date: 2018-10-10

Fix Resolution: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1

Vulnerable Libraries - jquery-3.3.1.min.js, jquery-3.3.1.js

Found in base branch: master

Vulnerability Details

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

Publish Date: 2019-04-20

URL: CVE-2019-11358

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358

Release Date: 2019-04-20

Fix Resolution: jquery - 3.4.0

Vulnerable Library - system.net.http.4.3.0.nupkg

Provides a programming interface for modern HTTP applications, including HTTP client components that...

Library home page: https://api.nuget.org/packages/system.net.http.4.3.0.nupkg

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • newtonsoft.json.bson.1.0.1.nupkg
        • netstandard.library.1.6.1.nupkg
          • ❌ system.net.http.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.

Publish Date: 2017-05-12

URL: CVE-2017-0256

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-0256

Release Date: 2017-05-12

Fix Resolution: Microsoft.AspNetCore.Mvc.ApiExplorer - 1.1.3,1.0.4;Microsoft.AspNetCore.Mvc.Abstractions - 1.1.3,1.0.4;Microsoft.AspNetCore.Mvc.Core - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Cors - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.Localization - 1.1.3,1.0.4;System.Net.Http - 4.1.2,4.3.2;Microsoft.AspNetCore.Mvc.Razor - 1.1.3,1.0.4;System.Net.Http.WinHttpHandler - 4.0.2,4.3.0-preview1-24530-04;System.Net.Security - 4.3.0-preview1-24530-04,4.0.1;Microsoft.AspNetCore.Mvc.ViewFeatures - 1.1.3,1.0.4;Microsoft.AspNetCore.Mvc.TagHelpers - 1.0.4,1.1.3;System.Text.Encodings.Web - 4.3.0-preview1-24530-04,4.0.1;Microsoft.AspNetCore.Mvc.Razor.Host - 1.1.3,1.0.4;Microsoft.AspNetCore.Mvc.Formatters.Json - 1.0.4,1.1.3;Microsoft.AspNetCore.Mvc.WebApiCompatShim - 1.0.4,1.1.3;System.Net.WebSockets.Client - 4.3.0-preview1-24530-04,4.0.1;Microsoft.AspNetCore.Mvc.Formatters.Xml - 1.1.3,1.0.4;Microsoft.AspNetCore.Mvc.DataAnnotations - 1.0.4,1.1.3

Vulnerable Library - system.net.http.4.3.0.nupkg

Provides a programming interface for modern HTTP applications, including HTTP client components that...

Library home page: https://api.nuget.org/packages/system.net.http.4.3.0.nupkg

Path to dependency file: /SandboxOne/SandboxOne.csproj

Path to vulnerable library: /SandboxOne/SandboxOne.csproj

Dependency Hierarchy:

• microsoft.visualstudio.web.codegeneration.design.3.1.1.nupkg (Root Library)
  • microsoft.visualstudio.web.codegenerators.mvc.3.1.1.nupkg
    • microsoft.visualstudio.web.codegeneration.3.1.1.nupkg
      • microsoft.visualstudio.web.codegeneration.entityframeworkcore.3.1.1.nupkg
        • microsoft.visualstudio.web.codegeneration.core.3.1.1.nupkg
          • microsoft.visualstudio.web.codegeneration.templating.3.1.1.nupkg
            • microsoft.visualstudio.web.codegeneration.utils.3.1.1.nupkg
              • NuGet.Frameworks-4.7.0
                • netstandard.library.1.6.1.nupkg
                  • ❌ system.net.http.4.3.0.nupkg (Vulnerable Library)

Found in base branch: master

Vulnerability Details

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.

Publish Date: 2018-10-10

URL: CVE-2018-8292

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Release Date: 2018-10-10

Fix Resolution: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1

Vulnerable Library - system.text.encodings.web.4.5.0.nupkg

Provides types for encoding and escaping strings for use in JavaScript, HyperText Markup Language (H...

Library home page: https://api.nuget.org/packages/system.text.encodings.web.4.5.0.nupkg

Path to dependency file: /SandboxOne/SandboxOne.csproj

Path to vulnerable library: /SandboxOne/SandboxOne.csproj

Dependency Hierarchy:

• microsoft.visualstudio.web.codegeneration.design.3.1.1.nupkg (Root Library)
  • microsoft.visualstudio.web.codegenerators.mvc.3.1.1.nupkg
    • microsoft.visualstudio.web.codegeneration.3.1.1.nupkg
      • microsoft.visualstudio.web.codegeneration.entityframeworkcore.3.1.1.nupkg
        • microsoft.visualstudio.web.codegeneration.core.3.1.1.nupkg
          • microsoft.visualstudio.web.codegeneration.templating.3.1.1.nupkg
            • microsoft.aspnetcore.razor.runtime.2.2.0.nupkg
              • microsoft.aspnetcore.html.abstractions.2.2.0.nupkg
                • ❌ system.text.encodings.web.4.5.0.nupkg (Vulnerable Library)

Found in base branch: master

Vulnerability Details

.NET Core Remote Code Execution Vulnerability

Publish Date: 2021-02-25

URL: CVE-2021-26701

CVSS 3 Score Details (8.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2021-02-25

Fix Resolution: System.Text.Encodings.Web - 4.5.1,4.7.2,5.0.1

Vulnerable Library - microsoft.aspnetcore.mvc.core.2.0.0.nupkg

ASP.NET Core MVC core components. Contains common action result types, attribute routing, applicatio...

Library home page: https://api.nuget.org/packages/microsoft.aspnetcore.mvc.core.2.0.0.nupkg

Dependency Hierarchy:

• DevExtreme.AspNet.Core-19.2.7 (Root Library)
  • microsoft.aspnetcore.mvc.2.0.0.nupkg
    • microsoft.aspnetcore.mvc.viewfeatures.2.0.0.nupkg
      • ❌ microsoft.aspnetcore.mvc.core.2.0.0.nupkg (Vulnerable Library)

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".

Publish Date: 2017-11-15

URL: CVE-2017-11879

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2017-11-15

Fix Resolution: Microsoft.AspNetCore.All - 2.0.3;Microsoft.AspNetCore.Mvc.Core - 2.0.1

Vulnerable Libraries - jszip-3.2.1.js, jszip-3.2.2.min.js

Found in HEAD commit: 52b0261e5528c3fe6547b5a0c0bb6735a0bc7517

Found in base branch: master

Vulnerability Details

jszip before 3.8.0 does not sanitize filenames when files are loaded with loadAsync, which makes the library vunerable to zip-slip attack.

Publish Date: 2023-01-04

URL: WS-2023-0004

CVSS 3 Score Details (7.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Release Date: 2023-01-04

Fix Resolution: jszip - 3.8.0