U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:microsoft:.net_core:3.1.3:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 11 matching records.
Displaying matches 1 through 11.
Vuln ID Summary CVSS Severity
CVE-2022-34716

.NET Spoofing Vulnerability

Published: August 09, 2022; 4:15:11 PM -0400 		V3.1: 5.9 MEDIUM
 V2.0:(not available)
CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability.

Published: March 09, 2022; 12:15:14 PM -0500 		V3.1: 7.5 HIGH
 V2.0: 5.0 MEDIUM
CVE-2021-34485

.NET Core and Visual Studio Information Disclosure Vulnerability

Published: August 12, 2021; 2:15:09 PM -0400 		V3.1: 5.5 MEDIUM
 V2.0: 2.1 LOW
CVE-2021-26423

.NET Core and Visual Studio Denial of Service Vulnerability

Published: August 12, 2021; 2:15:08 PM -0400 		V3.1: 7.5 HIGH
 V2.0: 5.0 MEDIUM
CVE-2021-31957

ASP.NET Denial of Service Vulnerability

Published: June 08, 2021; 7:15:08 PM -0400 		V3.1: 7.5 HIGH
 V2.0: 5.0 MEDIUM
CVE-2021-31204

.NET and Visual Studio Elevation of Privilege Vulnerability

Published: May 11, 2021; 3:15:10 PM -0400 		V3.1: 7.8 HIGH
 V2.0: 4.6 MEDIUM
CVE-2021-26701

.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112.

Published: February 25, 2021; 6:15:16 PM -0500 		V3.1: 9.8 CRITICAL
 V2.0: 7.5 HIGH
CVE-2021-24112

.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701.

Published: February 25, 2021; 6:15:16 PM -0500 		V3.1: 9.8 CRITICAL
 V2.0: 7.5 HIGH
CVE-2021-1721

.NET Core and Visual Studio Denial of Service Vulnerability

Published: February 25, 2021; 6:15:13 PM -0500 		V3.1: 6.5 MEDIUM
 V2.0: 4.3 MEDIUM
CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.

Published: September 15, 2020; 6:15:12 AM -0400 		V3.1: 6.5 MEDIUM
 V2.0: 6.4 MEDIUM
CVE-2020-1108

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

Published: May 21, 2020; 7:15:14 PM -0400 		V3.1: 7.5 HIGH
 V2.0: 5.0 MEDIUM