Количество 7
Количество 7
CVE-2020-1045
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p>
CVE-2020-1045
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p>
CVE-2020-1045
Microsoft ASP.NET Core Security Feature Bypass Vulnerability
CVE-2020-1045
<p>A security feature bypass vulnerability exists in the way Microsoft ...
GHSA-hxrm-9w7p-39cc
Cookie parsing failure
ELSA-2020-3699
ELSA-2020-3699: .NET Core 3.1 security and bugfix update (IMPORTANT)
BDU:2020-04581
Уязвимость анализатора файлов cookie программной платформы ASP.NET Core, позволяющая нарушителю выполнить обход функций безопасности
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-1045 <p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p> | CVSS3: 7.5 | 21% Средний | больше 5 лет назад |
 | CVE-2020-1045 <p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p> | CVSS3: 7.5 | 21% Средний | больше 5 лет назад |
 | CVE-2020-1045 Microsoft ASP.NET Core Security Feature Bypass Vulnerability | CVSS3: 7.5 | 21% Средний | больше 5 лет назад |
| CVE-2020-1045 <p>A security feature bypass vulnerability exists in the way Microsoft ... | CVSS3: 7.5 | 21% Средний | больше 5 лет назад |
| GHSA-hxrm-9w7p-39cc Cookie parsing failure | CVSS3: 7.5 | 21% Средний | больше 3 лет назад |
| ELSA-2020-3699 ELSA-2020-3699: .NET Core 3.1 security and bugfix update (IMPORTANT) | больше 5 лет назад | ||
 | BDU:2020-04581 Уязвимость анализатора файлов cookie программной платформы ASP.NET Core, позволяющая нарушителю выполнить обход функций безопасности | CVSS3: 7.5 | 21% Средний | больше 5 лет назад |
Уязвимостей на страницу