GHSA-655q-9gvg-q4cm
Suggest an improvement- Source
- https://github.com/advisories/GHSA-655q-9gvg-q4cm
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-655q-9gvg-q4cm/GHSA-655q-9gvg-q4cm.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-655q-9gvg-q4cm
- Aliases
- Published
- 2022-05-24T17:06:16Z
- Modified
- 2024-11-28T05:42:56.513361Z
- Summary
- Remote code execution in ASP.NET Core
- Details
-
A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.
- Database specific
{ "nvd_published_at": "2020-01-14T23:15:00Z", "cwe_ids": [ "CWE-119" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2022-07-07T23:10:27Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2020-0603
- https://github.com/aspnet/Announcements/issues/403
- https://github.com/github/advisory-database/issues/302
- https://access.redhat.com/errata/RHSA-2020:0130
- https://access.redhat.com/errata/RHSA-2020:0134
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603
Affected packages
NuGet / Microsoft.AspNetCore.All
Package
- Name
- Microsoft.AspNetCore.All
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.All
NuGet / Microsoft.AspNetCore.App
Package
- Name
- Microsoft.AspNetCore.App
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App
NuGet / Microsoft.AspNetCore.App
Package
- Name
- Microsoft.AspNetCore.App
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App
NuGet / Microsoft.AspNetCore.App
Package
- Name
- Microsoft.AspNetCore.App
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App
NuGet / Microsoft.AspNetCore.Http.Connections
Package
- Name
- Microsoft.AspNetCore.Http.Connections
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.Http.Connections
NuGet / Microsoft.AspNetCore.App.Runtime.linux-arm
Package
- Name
- Microsoft.AspNetCore.App.Runtime.linux-arm
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm
NuGet / Microsoft.AspNetCore.App.Runtime.linux-arm64
Package
- Name
- Microsoft.AspNetCore.App.Runtime.linux-arm64
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-arm64
NuGet / Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
Package
- Name
- Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
NuGet / Microsoft.AspNetCore.App.Runtime.linux-musl-x64
Package
- Name
- Microsoft.AspNetCore.App.Runtime.linux-musl-x64
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-musl-x64
NuGet / Microsoft.AspNetCore.App.Runtime.linux-x64
Package
- Name
- Microsoft.AspNetCore.App.Runtime.linux-x64
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App.Runtime.linux-x64
NuGet / Microsoft.AspNetCore.App.Runtime.osx-x64
Package
- Name
- Microsoft.AspNetCore.App.Runtime.osx-x64
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App.Runtime.osx-x64
NuGet / Microsoft.AspNetCore.App.Runtime.win-arm
Package
- Name
- Microsoft.AspNetCore.App.Runtime.win-arm
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-arm
NuGet / Microsoft.AspNetCore.App.Runtime.win-x64
Package
- Name
- Microsoft.AspNetCore.App.Runtime.win-x64
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x64
NuGet / Microsoft.AspNetCore.App.Runtime.win-x86
Package
- Name
- Microsoft.AspNetCore.App.Runtime.win-x86
- View open source insights on deps.dev
- Purl
- pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x86