Описание
.NET Core Denial of Service Vulnerability
A denial of service vulnerability exists in the way that .NET Core handles specially crafted requests, causing a hash collision.
To exploit the vulnerability, an attacker could send a small number of specially crafted requests to an .NET Core web application, causing performance to degrade significantly enough to cause a denial of service condition.
The security update addresses the vulnerability by correcting how .NET Core handles specially crafted requests to prevent a hash collision.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| .NET Core 1.0 | ||
| .NET Core 1.1 | ||
| .NET Core 2.0 | ||
| PowerShell Core 6.0.0 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
Связанные уязвимости
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
EPSS