{"package":"Microsoft.NETCore.App","ecosystem":"nuget","latest_version":"3.0.0-preview8-28405-07","description":"A set of .NET APIs that are included in the default .NET Core application model. \nd01b2fb7bc6bd4911e157fbd51353059a3ba1a6c \nWhen using NuGet 3.x this package requires at least version 3.4.","license":"","homepage":"https://dot.net/","repository":"https://dot.net/","downloads_weekly":0,"health":{"score":22,"risk":"critical","breakdown":{"maintenance":0,"popularity":0,"security":5,"maturity":15,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":10,"critical":0,"high":0,"medium":10,"low":0,"details":[{"vuln_id":"CVE-2019-0545","severity":"medium","summary":"Exposure of Sensitive Information in System.Net.Http","affected_versions":">=2.2.0","fixed_version":"2.2.1","source":"osv","published_at":"2022-05-14T01:41:10Z","in_kev":false,"epss_prob":0.0965,"epss_percentile":0.92915,"threat_tier":"theoretical"},{"vuln_id":"BIT-dotnet-2021-1721","severity":"medium","summary":"Denial of service in .NET core","affected_versions":">=5.0.0","fixed_version":"5.0.3","source":"osv","published_at":"2022-05-24T17:43:10Z","in_kev":false,"threat_tier":"unknown"},{"vuln_id":"BIT-dotnet-2020-1108","severity":"medium","summary":".NET Core & .NET Framework Denial of Service Vulnerability","affected_versions":">=3.1.0","fixed_version":"3.1.4","source":"osv","published_at":"2022-05-24T17:18:28Z","in_kev":false,"threat_tier":"unknown"},{"vuln_id":"CVE-2018-8416","severity":"medium","summary":"Tampering vulnerability in .NET Core","affected_versions":">=2.1.0","fixed_version":"2.1.7","source":"osv","published_at":"2022-05-13T01:20:52Z","in_kev":false,"epss_prob":0.11328,"epss_percentile":0.93567,"threat_tier":"theoretical"},{"vuln_id":"CVE-2019-0564","severity":"medium","summary":"Denial of service in ASP.NET Core","affected_versions":">=2.1.0","fixed_version":"2.1.7","source":"osv","published_at":"2022-05-14T01:41:32Z","in_kev":false,"epss_prob":0.07668,"epss_percentile":0.91916,"threat_tier":"theoretical"},{"vuln_id":"CVE-2017-11770","severity":"medium","summary":"Improper Certificate Validation","affected_versions":">=1.0.0","fixed_version":"2.0.3","source":"osv","published_at":"2022-04-12T00:07:34Z","in_kev":false,"epss_prob":0.13685,"epss_percentile":0.94279,"threat_tier":"theoretical"},{"vuln_id":"CVE-2017-8585","severity":"medium","summary":"Improper Input Validation in Microsoft.NETCore.App","affected_versions":">=1.1.0","fixed_version":"1.1.4","source":"osv","published_at":"2022-05-17T00:19:03Z","in_kev":false,"epss_prob":0.27092,"epss_percentile":0.9639,"threat_tier":"theoretical"},{"vuln_id":"CVE-2020-1147","severity":"medium","summary":".NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability","affected_versions":">=3.1.0","fixed_version":"3.1.6","source":"osv","published_at":"2022-05-24T17:22:57Z","in_kev":true,"kev_date_added":"2021-11-03","kev_ransomware":"Unknown","epss_prob":0.9343,"epss_percentile":0.99819,"threat_tier":"actively_exploited"},{"vuln_id":"BIT-dotnet-2021-34485","severity":"medium","summary":".NET Core Information Disclosure Vulnerability","affected_versions":">=5.0.0","fixed_version":"5.0.9","source":"osv","published_at":"2022-10-20T21:34:09Z","in_kev":false,"threat_tier":"unknown"},{"vuln_id":"CVE-2019-0657","severity":"medium","summary":"Improper Input Validation in .Net Framework API's","affected_versions":">=4.3.0","fixed_version":"4.3.2","source":"osv","published_at":"2022-05-14T01:28:01Z","in_kev":false,"epss_prob":0.08017,"epss_percentile":0.92119,"threat_tier":"theoretical"}],"actively_exploited_count":1,"likely_exploited_count":0},"versions":{"latest":"3.0.0-preview8-28405-07","total_count":94,"recent":["2.2.0-preview-26820-02","2.2.0-preview2-26905-02","2.2.0-preview3-27014-02","2.2.0","2.2.1","2.2.2","2.2.3","2.2.4","2.2.5","2.2.6","2.2.7","2.2.8","3.0.0-preview-27122-01","3.0.0-preview-27324-5","3.0.0-preview3-27503-5","3.0.0-preview4-27615-11","3.0.0-preview5-27626-15","3.0.0-preview6-27804-01","3.0.0-preview7-27912-14","3.0.0-preview8-28405-07"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":null,"last_published":"1900-01-01T00:00:00+00:00","dependencies_count":1,"dependencies":["Microsoft.NETCore.Platforms"]},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"recommendation":{"action":"use_with_caution","issues":["Low health score (22/100)"],"use_version":"3.0.0-preview8-28405-07","version_hint":"Update to >= 4.3.2 to fix known vulnerabilities","summary":"Microsoft.NETCore.App@3.0.0-preview8-28405-07 low health (22/100) — consider alternatives"},"requested_version":null,"_cache":"miss","_response_ms":492,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false}}