Denial of Service (DoS)
Affecting microsoft.aspnetcore.websockets package, versions [2.1.0,2.1.7) || [2.2.0,2.2.1)
Microsoft.AspNetCore.WebSockets is an ASP.NET Core web socket middleware for use on top of opaque servers.
Affected versions of this package are vulnerable to Denial of Service (DoS). An unauthenticated attacker can cause a denial of service remotely, by issuing specially crafted requests to the .NET Core application. This is caused by an improper handling of a web request in ASP.NET Core. This CVE ID is unique from CVE-2019-0548.
Microsoft.AspNetCore.WebSockets to version 2.1.7, 2.2.1 or higher.
Do your applications use this vulnerable package?