BIT-aspnet-core-2020-0603

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/aspnet-core/BIT-aspnet-core-2020-0603.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-aspnet-core-2020-0603

Aliases

Published

2024-03-06T10:54:18.998Z

Modified

2024-03-06T11:25:28.861Z

Summary

[none]

Details

A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.

Database specific

{
    "cpes": [
        "cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:microsoft:asp.net_core:3.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*"
    ],
    "severity": "High"
}

References

Affected packages

Bitnami / aspnet-core

Package

Name: aspnet-core
Purl: pkg:bitnami/aspnet-core

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

2.1.0

Last affected

2.1.0

Introduced

3.0.0

Last affected

3.0.0

Introduced

3.1.0

Last affected

3.1.0