{"id":"CVE-2019-1075","details":"A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'.","aliases":["GHSA-prrf-397v-83xh"],"modified":"2026-04-10T04:13:54.755711Z","published":"2019-07-15T19:15:17.343Z","references":[{"type":"FIX","url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1075"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dotnet/aspnetcore","events":[{"introduced":"0"},{"last_affected":"00e08d8c11f4e9649492342c9c613a758efd2e4d"},{"introduced":"0"},{"last_affected":"ce8cf65589734f82b0536c543aba5bd60d0a5a98"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.1"},{"introduced":"0"},{"last_affected":"2.2"}]}}],"versions":["2.1.0","2.1.0-preview1","2.1.0-preview2","2.1.1","2.1.3","2.1.5","2.1.6","2.2.0","2.2.0-preview1","2.2.0-preview2","2.2.0-preview3","release/2.1","v2.1.10","v2.1.11","v2.1.12","v2.1.13","v2.1.14","v2.1.16","v2.1.17","v2.1.18","v2.1.19","v2.1.20","v2.1.22","v2.1.23","v2.1.24","v2.1.33","v2.1.7","v2.1.8","v2.1.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1075.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}