Denial of Service (DoS)
Affecting microsoft.aspnetcore.all package, versions [2.2.0,2.2.1) || [2.1.0,2.1.7)
microsoft.aspnetcore.all provides a default set of APIs for building an ASP.NET Core application, and also includes API for third-party integrations with ASP.NET Core.
Affected versions of this package are vulnerable to Denial of Service (DoS). An unauthenticated attacker can cause a denial of service remotely, by issuing specially crafted requests to the .NET Core application. This is caused by an improper handling of a web request in ASP.NET Core. This CVE ID is unique from CVE-2019-0548.
microsoft.aspnetcore.all to version 2.2.1, 2.1.7 or higher.
Do your applications use this vulnerable package?