CVE-2021-31957 in Microsoft and Fedora Project Products
Published on June 8, 2021

ASP.NET Core Denial of Service Vulnerability

ASP.NET Core Denial of Service Vulnerability

Github Repository Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2021-31957

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-31957 are published in these products:

Microsoft Net

Microsoft .NET Core

Microsoft Visual Studio 2019

Fedora Project Fedora

Affected Versions

Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3):

Version 16.0 and below 16.4.23 is affected.

Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6):

Version 16.0.0 and below 16.7.16 is affected.

Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8):

Version 15.0.0 and below 16.9.7 is affected.

Microsoft Visual Studio 2019 version 16.10 (includes 16.0 - 16.9):

Version 16.10.0 and below 16.10.1 is affected.

Microsoft Visual Studio 2019 for Mac version 8.10:

Version 8.1.0 and below 8.10.1 is affected.

Microsoft .NET Core 3.1:

Version 3.1 and below 3.1.16 is affected.

Microsoft .NET 5.0:

Version 5.0.0 and below 5.0.7 is affected.

Vulnerable Packages

The following package name and versions may be associated with CVE-2021-31957

Package Manager	Vulnerable Package	Versions	Fixed In
nuget	Microsoft.NETCore.App.Ref	< 3.1.16	3.1.16
nuget	Microsoft.NETCore.App.Ref	>= 5.0.0, < 5.0.7	5.0.7

Exploit Probability

EPSS

5.13%

Percentile

89.67%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-31957 in Microsoft and Fedora Project ProductsPublished on June 8, 2021

Products Associated with CVE-2021-31957

Affected Versions

Vulnerable Packages

Exploit Probability

CVE-2021-31957 in Microsoft and Fedora Project Products
Published on June 8, 2021