CVE-2020-36620

Опубликовано: 21 дек. 2022

Источник: nvd

CVSS3: 3.5

CVSS3: 7.5

EPSS Низкий

Описание

A vulnerability was found in Brondahl EnumStringValues up to 4.0.0. It has been declared as problematic. This vulnerability affects the function GetStringValuesWithPreferences_Uncache of the file EnumStringValues/EnumExtensions.cs. The manipulation leads to resource consumption. Upgrading to version 4.0.1 is able to address this issue. The name of the patch is c0fc7806beb24883cc2f9543ebc50c0820297307. It is recommended to upgrade the affected component. VDB-216466 is the identifier assigned to this vulnerability.

Ссылки

https://github.com/Brondahl/EnumStringValues/commit/c0fc7806beb24883cc2f9543ebc50c0820297307
Patch
Third Party Advisory
https://github.com/Brondahl/EnumStringValues/releases/tag/4.0.1
Release Notes
Third Party Advisory
https://vuldb.com/?id.216466
Third Party Advisory
VDB Entry
https://github.com/Brondahl/EnumStringValues/commit/c0fc7806beb24883cc2f9543ebc50c0820297307
Patch
Third Party Advisory
https://github.com/Brondahl/EnumStringValues/releases/tag/4.0.1
Release Notes
Third Party Advisory
https://vuldb.com/?id.216466
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:enumstringvalues_project:enumstringvalues:*:*:*:*:*:*:*:*

Версия до 4.0.1 (исключая)

EPSS

Процентиль: 36%

0.00154

Низкий

3.5 Low

CVSS3

7.5 High

CVSS3

Дефекты

CWE-400

Связанные уязвимости

GHSA-vq23-hwg7-hxrh

CVSS3: 3.5

github

около 3 лет назад

EnumStringValues vulnerable to Uncontrolled Resource Consumption

BDU:2023-07575

CVSS3: 7.5

fstec

около 3 лет назад

Уязвимость функции GetStringValuesWithPreferences_Uncache (EnumStringValues/EnumExtensions.cs) библиотеки Brondahl EnumStringValues, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 36%

0.00154

Низкий

3.5 Low

CVSS3

7.5 High

CVSS3

Дефекты

CWE-400