Lucene search
K

4 matches found

Snyk
Snyk
added 2025/10/14 8:32 p.m.8 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunked HTTP requests. An attacker can bypass security restrictions and potentially access or manipulate sensitive data by sending specially crafted HTTP requests that exploit...

9.9CVSS9.2AI score0.66258EPSS
Exploits5References2
Snyk
Snyk
added 2025/03/11 7:24 p.m.5 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync function method, which does not verify the identity of the calling TUser, allowing an attacker to escalate privileges to that of another user. Remediation Upgrade...

8.3CVSS7.2AI score0.00911EPSS
Exploits1References2
Snyk
Snyk
added 2024/08/13 7:26 p.m.5 views

Cleartext Transmission of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information via the TlsStream process. An attacker can gain access to sensitive information by intercepting unencrypted data. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-arm64 to version 8.0...

7.1CVSS6.8AI score0.0131EPSS
Exploits0References2
Snyk
Snyk
added 2024/02/13 7:43 p.m.7 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when parsing X509 certificates. Note: Windows systems are not vulnerable to this issue. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and...

7.5CVSS7.1AI score0.02707EPSS
Exploits0References2
Rows per page
Query Builder