Microsoft.netcore.app
This hub aggregates every CVE we track for Microsoft.netcore.app, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
0
Critical
6
High
1
In CISA KEV
Severity distribution
HIGH6MEDIUM4
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 10 most recently published vulnerabilities affecting Microsoft.netcore.app.
- CVE-2021-34485.NET Core and Visual Studio Information Disclosure Vulnerability5.0
- CVE-2021-1721.NET Core and Visual Studio Denial of Service Vulnerability6.5
- CVE-2020-1147A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, Sh...KEV7.8
- CVE-2020-1108A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.7.5
- CVE-2019-0657A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.5.9
- CVE-2019-0564A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.1. This CVE ID is unique ...7.5
- CVE-2019-0545An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure...7.5
- CVE-2018-8416A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NET Core Tampering Vulnerability." This affects .NET Core 2.1.6.5
- CVE-2017-11770.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of se...7.5
- CVE-2017-8585Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in denial of service, aka .NET Denial of Service Vulner...7.5
Product normalization is registry-driven with AI assist and human review. How it works