{"id":"CVE-2023-36558","details":"ASP.NET Core Security Feature Bypass Vulnerability","aliases":["BIT-aspnet-core-2023-36558","BIT-dotnet-2023-36558","BIT-dotnet-sdk-2023-36558","GHSA-3fx3-85r4-8j3w"],"modified":"2026-02-24T11:44:30.281259Z","published":"2023-11-14T22:15:29.323Z","related":["ALSA-2023:7253","ALSA-2023:7254","ALSA-2023:7255","ALSA-2023:7256","ALSA-2023:7257","ALSA-2023:7258"],"references":[{"type":"ADVISORY","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558"},{"type":"FIX","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dotnet/aspnetcore","events":[{"introduced":"ae1a6cbe225b99c0bf38b7e31bf60cb653b73a52"},{"fixed":"36be7ed6d6d56b7da0a2891e3de7ecc2aa48eecd"},{"introduced":"bb01bbf4433e27289b99001b7de6a582879d1835"},{"fixed":"0a715692d8e2536c899faa0bb4f0cec2c2e33e36"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-36558.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}