{"package":"System.Text.Encodings.Web","ecosystem":"nuget","latest_version":"11.0.0-preview.3.26207.106","description":"Provides types for encoding and escaping strings for use in JavaScript, HyperText Markup Language (HTML), and uniform resource locators (URL).\n\nCommonly Used Types:\nSystem.Text.Encodings.Web.HtmlEncoder\nSystem.Text.Encodings.Web.UrlEncoder\nSystem.Text.Encodings.Web.JavaScriptEncoder","license":"MIT","homepage":"https://dot.net/","repository":"https://dot.net/","downloads_weekly":27482227,"health":{"score":63,"risk":"moderate","breakdown":{"maintenance":25,"popularity":20,"security":1,"maturity":15,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":5,"critical":1,"high":2,"medium":2,"low":0,"details":[{"vuln_id":"CVE-2017-0247","severity":"high","summary":"ASP.NET Core fails to properly validate web requests","affected_versions":">=1.1.0","fixed_version":"1.1.3","source":"osv","published_at":"2018-10-16T19:58:05Z","in_kev":false,"epss_prob":0.11122,"epss_percentile":0.93495,"threat_tier":"theoretical"},{"vuln_id":"CVE-2017-0248","severity":"medium","summary":"Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc and Microsoft.AspNetCore.Mvc.Core","affected_versions":">=1.1.0","fixed_version":"1.1.3","source":"osv","published_at":"2018-10-16T19:58:52Z","in_kev":false,"epss_prob":0.01092,"epss_percentile":0.77982,"threat_tier":"theoretical"},{"vuln_id":"BIT-dotnet-2021-26701","severity":"critical","summary":".NET Core Remote Code Execution Vulnerability","affected_versions":">=5.0.0","fixed_version":"5.0.1","source":"osv","published_at":"2021-04-21T19:38:01Z","in_kev":false,"threat_tier":"unknown"},{"vuln_id":"CVE-2017-0256","severity":"medium","summary":"Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc","affected_versions":">=1.1.0","fixed_version":"1.1.3","source":"osv","published_at":"2018-10-16T19:57:48Z","in_kev":false,"epss_prob":0.04349,"epss_percentile":0.88956,"threat_tier":"theoretical"},{"vuln_id":"CVE-2017-0249","severity":"high","summary":"High severity vulnerability that affects Microsoft.AspNetCore.Mvc","affected_versions":">=0","fixed_version":"1.1.3","source":"osv","published_at":"2018-10-16T19:57:38Z","in_kev":false,"epss_prob":0.05786,"epss_percentile":0.90511,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"11.0.0-preview.3.26207.106","total_count":125,"recent":["10.0.0-preview.1.25080.5","10.0.0-preview.2.25163.2","10.0.0-preview.3.25171.5","10.0.0-preview.4.25258.110","10.0.0-preview.5.25277.114","10.0.0-preview.6.25358.103","10.0.0-preview.7.25380.108","10.0.0-rc.1.25451.107","10.0.0-rc.2.25502.107","10.0.0","10.0.1","10.0.2","10.0.3","10.0.4","10.0.5","10.0.6","10.0.7","11.0.0-preview.1.26104.118","11.0.0-preview.2.26159.112","11.0.0-preview.3.26207.106"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":null,"last_published":"2026-04-14T15:58:19+00:00","dependencies_count":3,"dependencies":["System.Buffers","System.Memory","System.Runtime.CompilerServices.Unsafe"]},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"recommendation":{"action":"do_not_use","issues":["2 high severity vulnerabilities","1 critical vulnerabilities"],"use_version":"11.0.0-preview.3.26207.106","version_hint":"Update to >= 1.1.3 to fix known vulnerabilities","summary":"System.Text.Encodings.Web has critical vulnerabilities — do not use"},"requested_version":null,"_cache":"miss","_response_ms":706,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false}}