GHSA-mv2r-q4g5-j8q5

Source

https://github.com/advisories/GHSA-mv2r-q4g5-j8q5

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-mv2r-q4g5-j8q5/GHSA-mv2r-q4g5-j8q5.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-mv2r-q4g5-j8q5

Aliases

CVE-2018-8269

Published

2018-10-16T19:58:31Z

Modified

2024-11-28T05:40:32.219218Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

Denial of service in ASP.NET Core

Details

A denial of service vulnerability exists when OData Library improperly handles web requests, aka "OData Denial of Service Vulnerability." This affects Microsoft.Data.OData.

Database specific

{
    "github_reviewed": true,
    "cwe_ids": [],
    "github_reviewed_at": "2020-06-16T21:47:12Z",
    "nvd_published_at": null,
    "severity": "HIGH"
}

References

Affected packages

NuGet

Microsoft.Data.OData

Package

Name: Microsoft.Data.OData; View open source insights on deps.dev
Purl: pkg:nuget/Microsoft.Data.OData

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.8.4

Affected versions

5.*

5.0.0.50403

5.0.1-rc

5.0.1

5.0.2-rc

5.0.2

5.1.0-rc

5.1.0-rc1

5.1.0-rc2

5.1.0

5.2.0-rc1

5.2.0

5.3.0-rc1

5.3.0

5.4.0-rc1

5.4.0

5.5.0-alpha1

5.5.0-alpha2

5.5.0-rc1

5.5.0

5.6.0-alpha1

5.6.0-rc1

5.6.0

5.6.1

5.6.2

5.6.3

5.6.4

5.6.5-beta

5.7.0-beta

5.7.0-rc

5.7.0

5.8.0-beta

5.8.0

5.8.1

5.8.2

5.8.3

Microsoft.AspNetCore.DataProtection.AzureStorage

Package

Name: Microsoft.AspNetCore.DataProtection.AzureStorage; View open source insights on deps.dev
Purl: pkg:nuget/Microsoft.AspNetCore.DataProtection.AzureStorage

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.1.0

Fixed

2.1.13

Affected versions

2.*

2.1.0

2.1.1

Microsoft.AspNetCore.DataProtection.AzureStorage

Package

Name: Microsoft.AspNetCore.DataProtection.AzureStorage; View open source insights on deps.dev
Purl: pkg:nuget/Microsoft.AspNetCore.DataProtection.AzureStorage

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.2.0

Fixed

2.2.7

Affected versions

2.*

2.2.0

Microsoft.AspNetCore.All

Package

Name: Microsoft.AspNetCore.All; View open source insights on deps.dev
Purl: pkg:nuget/Microsoft.AspNetCore.All

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.1.0

Fixed

2.1.13

Affected versions

2.*

2.1.0

2.1.1

2.1.2

2.1.3

2.1.4

2.1.5

2.1.6

2.1.7

2.1.8

2.1.9

2.1.10

2.1.11

2.1.12

Microsoft.AspNetCore.All

Package

Name: Microsoft.AspNetCore.All; View open source insights on deps.dev
Purl: pkg:nuget/Microsoft.AspNetCore.All

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.2.0

Fixed

2.2.7

Affected versions

2.*

2.2.0

2.2.1

2.2.2

2.2.3

2.2.4

2.2.5

2.2.6