mregen / ua-.netstandardlibrary Goto Github PK
View Code? Open in Web Editor NEWThis project forked from opcfoundation/ua-.netstandard
OPC Unified Architecture .NET Standard Library
License: Other
This project forked from opcfoundation/ua-.netstandard
OPC Unified Architecture .NET Standard Library
License: Other
The current behavior is
No response
No response
- OS:
- Environment:
- Runtime:
- NugetVersion:
- Component:
- Server:
- Client:
No response
Provides types for encoding and escaping strings for use in JavaScript, HyperText Markup Language (H...
Library home page: https://api.nuget.org/packages/system.text.encodings.web.4.5.0.nupkg
Path to dependency file: /Applications/ReferenceClient/Reference Client.csproj
Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.text.encodings.web/4.5.0/system.text.encodings.web.4.5.0.nupkg
Dependency Hierarchy:
Provides types for encoding and escaping strings for use in JavaScript, HyperText Markup Language (H...
Library home page: https://api.nuget.org/packages/system.text.encodings.web.4.5.0.nupkg
Path to dependency file: /Applications/ConsoleReferenceServer/ConsoleReferenceServer.csproj
Path to vulnerable library: /usr/share/dotnet/sdk/NuGetFallbackFolder/system.text.encodings.web/4.5.0/system.text.encodings.web.4.5.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: cc7c7249fb08f768b869a09371e53abf3b2c2047
.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112.
Publish Date: 2021-02-25
URL: CVE-2021-26701
Base Score Metrics:
Type: Upgrade version
Origin: dotnet/announcements#178
Release Date: 2021-02-25
Fix Resolution: System.Text.Encodings.Web - 4.5.1,4.7.2,5.0.1
Step up your Open Source Security Game with WhiteSource here
Stamps your assemblies with semver 2.0 compliant git commit specific version information and provide...
Library home page: https://api.nuget.org/packages/nerdbank.gitversioning.3.2.31.nupkg
Path to dependency file: /Applications/ConsoleReferenceServer/ConsoleReferenceServer.csproj
Path to vulnerable library: /nerdbank.gitversioning/3.2.31/nerdbank.gitversioning.3.2.31.nupkg
Dependency Hierarchy:
Found in HEAD commit: cc7c7249fb08f768b869a09371e53abf3b2c2047
Found in base branch: master
Improper Handling of Exceptional Conditions in Newtonsoft.Json.
Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of StackOverFlow exception (SOE) whenever nested expressions are being processed. Exploiting this vulnerability results in Denial Of Service (DoS), and it is exploitable when an attacker sends 5 requests that cause SOE in time frame of 5 minutes. This vulnerability affects Internet Information Services (IIS) Applications.
Publish Date: 2022-06-22
URL: WS-2022-0161
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-06-22
Fix Resolution: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0
Step up your Open Source Security Game with Mend here
ASP.NET Core default HTTP feature implementations.
Library home page: https://api.nuget.org/packages/microsoft.aspnetcore.http.2.1.1.nupkg
Path to dependency file: /Applications/ConsoleReferenceServer/ConsoleReferenceServer.csproj
Path to vulnerable library: /home/wss-scanner/.nuget/packages/microsoft.aspnetcore.http/2.1.1/microsoft.aspnetcore.http.2.1.1.nupkg
Dependency Hierarchy:
Found in HEAD commit: cc7c7249fb08f768b869a09371e53abf3b2c2047
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names., aka 'Microsoft ASP.NET Core Security Feature Bypass Vulnerability'.
Publish Date: 2020-09-11
URL: CVE-2020-1045
Base Score Metrics:
Type: Upgrade version
Origin: dotnet/announcements#165
Release Date: 2020-10-02
Fix Resolution: Microsoft.AspNetCore.App - 2.1.22, Microsoft.AspNetCore.All - 2.1.22,Microsoft.NETCore.App - 2.1.22, Microsoft.AspNetCore.Http - 2.1.22
Step up your Open Source Security Game with WhiteSource here
A set of .NET API's that are included in the default .NET Core application model. caa7b7e2bad98e56a...
Library home page: https://api.nuget.org/packages/microsoft.netcore.app.2.1.0.nupkg
Path to dependency file: /Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
Path to vulnerable library: /microsoft.netcore.app/2.1.0/microsoft.netcore.app.2.1.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: cc7c7249fb08f768b869a09371e53abf3b2c2047
An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'.
Publish Date: 2019-09-11
URL: CVE-2019-1302
Base Score Metrics:
Type: Upgrade version
Origin: aspnet/Announcements#384
Release Date: 2019-09-12
Fix Resolution: Microsoft.AspNetCore.SpaServices - 2.2.1,2.1.2
Step up your Open Source Security Game with WhiteSource here
A set of .NET API's that are included in the default .NET Core application model. caa7b7e2bad98e56a...
Library home page: https://api.nuget.org/packages/microsoft.netcore.app.2.1.0.nupkg
Path to dependency file: /Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
Path to vulnerable library: /microsoft.netcore.app/2.1.0/microsoft.netcore.app.2.1.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: cc7c7249fb08f768b869a09371e53abf3b2c2047
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0548.
Publish Date: 2019-01-08
URL: CVE-2019-0564
Base Score Metrics:
Type: Upgrade version
Origin: aspnet/Announcements#334
Release Date: 2019-01-11
Fix Resolution: Microsoft.AspNetCore.WebSockets - 2.1.7,2.2.1;Microsoft.AspNetCore.Server.Kestrel.Core - 2.1.7;System.Net.WebSockets.WebSocketProtocol - 4.5.3;Microsoft.NETCore.App - 2.1.7,2.2.1;Microsoft.AspNetCore.App - 2.1.7,2.2.1;Microsoft.AspNetCore.All - 2.1.7,2.2.1
Step up your Open Source Security Game with WhiteSource here
Single producer single consumer byte buffer management.
Commonly Used Types:
System.IO.Pipelines.Pi...
Library home page: https://api.nuget.org/packages/system.io.pipelines.4.5.0.nupkg
Path to dependency file: UA-.NetStandardLibrary/Applications/ConsoleReferenceServer/ConsoleReferenceServer.csproj
Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.io.pipelines/4.5.0/system.io.pipelines.4.5.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: 270966e8b42cf312df9cf6cfd3760e50a9469330
A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.
Publish Date: 2018-09-13
URL: CVE-2018-8409
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8409
Release Date: 2018-09-13
Fix Resolution: System.IO.Pipelines-4.5.1, Microsoft.AspNetCore.All-2.1.4, Microsoft.AspNetCore.App-2.1.4
Step up your Open Source Security Game with WhiteSource here
A set of .NET API's that are included in the default .NET Core application model. caa7b7e2bad98e56a...
Library home page: https://api.nuget.org/packages/microsoft.netcore.app.2.1.0.nupkg
Path to dependency file: /Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
Path to vulnerable library: /microsoft.netcore.app/2.1.0/microsoft.netcore.app.2.1.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: cc7c7249fb08f768b869a09371e53abf3b2c2047
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Publish Date: 2020-07-14
URL: CVE-2020-1147
Base Score Metrics:
Type: Upgrade version
Origin: dotnet/announcements#159
Release Date: 2020-07-14
Fix Resolution: microsoft.aspnetcore.all - 2.1.20;microsoft.netcore.app - 2.1.20;microsoft.aspnetcore.app - 2.1.20
Step up your Open Source Security Game with WhiteSource here
A set of .NET API's that are included in the default .NET Core application model. caa7b7e2bad98e56a...
Library home page: https://api.nuget.org/packages/microsoft.netcore.app.2.1.0.nupkg
Path to dependency file: /Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
Path to vulnerable library: /microsoft.netcore.app/2.1.0/microsoft.netcore.app.2.1.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: cc7c7249fb08f768b869a09371e53abf3b2c2047
An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7/4.7.1/4.7.2, .NET Core 2.1, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 2.2, Microsoft .NET Framework 4.7.2.
Publish Date: 2019-01-08
URL: CVE-2019-0545
Base Score Metrics:
Type: Upgrade version
Origin: dotnet/announcements#94
Release Date: 2019-01-14
Fix Resolution: Microsoft.NETCore.App - 2.1.7,2.2.1
Step up your Open Source Security Game with WhiteSource here
Provides the .NET Core app bootstrapper intended for use in the application directory caa7b7e2bad98...
Library home page: https://api.nuget.org/packages/microsoft.netcore.dotnetapphost.2.1.0.nupkg
Path to dependency file: /Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
Path to vulnerable library: /home/wss-scanner/.nuget/packages/microsoft.netcore.dotnetapphost/2.1.0/microsoft.netcore.dotnetapphost.2.1.0.nupkg
Dependency Hierarchy:
A set of .NET API's that are included in the default .NET Core application model. caa7b7e2bad98e56a...
Library home page: https://api.nuget.org/packages/microsoft.netcore.app.2.1.0.nupkg
Path to dependency file: /Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
Path to vulnerable library: /microsoft.netcore.app/2.1.0/microsoft.netcore.app.2.1.0.nupkg
Dependency Hierarchy:
Provides a CoreCLR hosting policy implementation -- configuration settings, assembly paths and assem...
Library home page: https://api.nuget.org/packages/microsoft.netcore.dotnethostpolicy.2.1.0.nupkg
Path to dependency file: /Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
Path to vulnerable library: /home/wss-scanner/.nuget/packages/microsoft.netcore.dotnethostpolicy/2.1.0/microsoft.netcore.dotnethostpolicy.2.1.0.nupkg
Dependency Hierarchy:
Provides an implementation of framework resolution strategy used by Microsoft.NETCore.DotNetHost ca...
Library home page: https://api.nuget.org/packages/microsoft.netcore.dotnethostresolver.2.1.0.nupkg
Path to dependency file: /Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
Path to vulnerable library: /home/wss-scanner/.nuget/packages/microsoft.netcore.dotnethostresolver/2.1.0/microsoft.netcore.dotnethostresolver.2.1.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: cc7c7249fb08f768b869a09371e53abf3b2c2047
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564.
Publish Date: 2019-01-08
URL: CVE-2019-0548
Base Score Metrics:
Type: Upgrade version
Origin: aspnet/Announcements#335
Release Date: 2019-01-15
Fix Resolution: Microsoft.AspNetCore.SignalR - 1.1.0; Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets - 2.2.1; Microsoft.AspNetCore.Server.IIS - 2.2.1; Microsoft.AspNetCore.Server.IISIntegration - 2.2.1;Microsoft.AspNetCore.Server.Kestrel.Core - 2.1.7
Step up your Open Source Security Game with WhiteSource here
Provides the System.Text.RegularExpressions.Regex class, an implementation of a regular expression e...
Library home page: https://api.nuget.org/packages/system.text.regularexpressions.4.3.0.nupkg
Path to dependency file: /Tests/Opc.Ua.Security.Certificates.Tests/Opc.Ua.Security.Certificates.Tests.csproj
Path to vulnerable library: /usr/share/dotnet/sdk/NuGetFallbackFolder/system.text.regularexpressions/4.3.0/system.text.regularexpressions.4.3.0.nupkg
Dependency Hierarchy:
Found in HEAD commit: cc7c7249fb08f768b869a09371e53abf3b2c2047
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
Publish Date: 2019-05-16
URL: CVE-2019-0820
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-cmhx-cq75-c4mj
Release Date: 2020-08-24
Fix Resolution: System.Text.RegularExpressions - 4.3.1
Step up your Open Source Security Game with WhiteSource here
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.