Download
| Alert*
|
oval:org.secpod.oval:def:65554
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded. The security update addresses ... oval:org.secpod.oval:def:504280 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.108 and .NET Core Run ... oval:org.secpod.oval:def:1503034 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:118712 .NET Core is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET Core contains a runtime conforming to .NET Standards a set of fram ... oval:org.secpod.oval:def:65365 A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded. The security update addresses ... |
