Remove usage of Microsoft.AspNetCore.Mvc.ViewFeatures #105
Description
Microsoft.AspNetCore.Mvc.ViewFeatures has dependecy to
Microsoft.AspNetCore.Routing 2.2.0
[CVE-2020-1161] CWE-20: Improper Input Validation
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
Microsoft.AspNetCore.Http 2.2.0
[CVE-2020-1045] CWE-noinfo
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.
The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.
The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.