Описание
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
It was found that string comparisons in .NET Core did not use a secure hashing algorithm. This could allow an attacker to predict string hashes and cause a denial of service by intentionally creating collisions thus forcing long look up times.
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=1552060Core: Hash Collision Denial of Service
EPSS
Процентиль: 95%
0.17641
Средний
3.7 Low
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 7 лет назад
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
EPSS
Процентиль: 95%
0.17641
Средний
3.7 Low
CVSS3