search

berhir / AspNetCore.SpaYarp

An alternative approach to the new ASP.NET Core SPA templates in .NET 6. It uses YARP as proxy to forward requests to the SPA dev server.
MIT License
100 stars 12 forks source link

Yarp.ReverseProxy 2.0.0 has a DOS vulnerability #28

Closed robertlarkins closed 1 year ago

robertlarkins commented 1 year ago

Yarp.ReverseProxy 2.0.0 has a Denial of Service Vulnerability. This vulnerability is fixed in v2.0.1. See here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33141

I've created PR #27 to fix this.

berhir commented 1 year ago

Thanks, I merged it and published a new version