Описание
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
It was found that string comparisons in .NET Core did not use a secure hashing algorithm. This could allow an attacker to predict string hashes and cause a denial of service by intentionally creating collisions thus forcing long look up times.
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=1552060Core: Hash Collision Denial of Service
3.7 Low
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 7 лет назад
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
3.7 Low
CVSS3