Lucene search
Veracode Vulnerability DatabaseVERACODE:20836HistoryJul 16, 2019 - 3:34 a.m.
Open Redirect
2019-07-1603:34:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
EPSS
0.002
Percentile
57.4%
AspNetCore is vulnerable to open redirect. It does not escape the user provided URL string, allowing an attacker to provide a malicious URL to redirect the user to a malicious website.
References
github.com/aspnet/Announcements/issues/373
github.com/dotnet/core/blob/3c66ae6b117584606b2f35b8b134da5ecc749510/release-notes/2.1/2.1.12/2.1.12.md
github.com/dotnet/core/blob/815fccb3cf2165816708bd6a8d247e3c59b1d9f3/release-notes/2.2/2.2.6/2.2.6.md
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1075
Related
symantec
symantec
Microsoft ASP.NET Core CVE-2019-1075 Spoofing Vulnerability
2019-07-09 00:00:00
mscve
mscve
ASP.NET Core Spoofing Vulnerability
2019-07-09 07:00:00
nessus
nessus
Security Update for Microsoft ASP.NET Core (July 2019)
2019-07-11 00:00:00
Security Update for .NET Core SDK (July 2019)
2019-07-11 00:00:00
cve
cve
CVE-2019-1075
2019-07-15 19:15:17
github
github
Open redirect in ASP.NET Core
2022-05-24 16:50:19
prion
prion
Spoofing
2019-07-15 19:15:00
osv
osv
CVE-2019-1075
2019-07-15 19:15:17
Open redirect in ASP.NET Core
2022-05-24 16:50:19
cvelist
cvelist
CVE-2019-1075
2019-07-15 18:56:20
openvas
openvas
.NET Core Spoofing Vulnerability (Jul 2019)
2019-07-11 00:00:00
.NET Core SDK Spoofing Vulnerability (Jul 2019)
2019-07-11 00:00:00
nvd
nvd
CVE-2019-1075
2019-07-15 19:15:17
kaspersky
kaspersky
KLA11513 Multiple vulnerabilities in Microsoft Developer Tools
2019-07-09 00:00:00
talosblog
talosblog