microsoft.aspnetcore.app is vulnerable to information disclosure. The vulnerability exists in some of the .NET Core packages which allows an attacker to gain access to privileged information.
packetstormsecurity.com/files/168332/.NET-XML-Signature-Verification-External-Entity-Injection.html
access.redhat.com/security/cve/cve-2022-34716
bugzilla.redhat.com/show_bug.cgi?id=2115183
github.com/advisories/GHSA-2m65-m22p-9wjw
github.com/dotnet/aspnetcore/issues/43166
github.com/dotnet/core/releases/tag/v3.1.28
github.com/dotnet/core/releases/tag/v6.0.8
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34716