Описание
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
A denial of service flaw was found in ASP.NET Core. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted requests to an ASP.NET Core application. The highest threat from this flaw is system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| .NET Core 2.1 on Red Hat Enterprise Linux | rh-dotnet21 | Not affected | ||
| .NET Core 2.2 on Red Hat Enterprise Linux | rh-dotnet22 | Not affected | ||
| Red Hat Enterprise Linux 8 | dotnet | Not affected | ||
| Red Hat Enterprise Linux 8 | dotnet3.1 | Not affected | ||
| .NET Core on Red Hat Enterprise Linux | rh-dotnet30-dotnet | Fixed | RHSA-2020:0134 | 16.01.2020 |
| .NET Core on Red Hat Enterprise Linux | rh-dotnet31-dotnet | Fixed | RHSA-2020:0134 | 16.01.2020 |
| .NET Core on Red Hat Enterprise Linux | rh-dotnet30-dotnet | Fixed | RHSA-2020:0134 | 16.01.2020 |
| .NET Core on Red Hat Enterprise Linux | rh-dotnet31-dotnet | Fixed | RHSA-2020:0134 | 16.01.2020 |
| Red Hat Enterprise Linux 8 | dotnet3.0 | Fixed | RHSA-2020:0130 | 16.01.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
Уязвимость программной платформы ASP.NET Core, связанная с ошибками обработки запросов, позволяющая нарушителю вызвать отказ в обслуживании
ELSA-2020-0130: .NET Core on Red Hat Enterprise Linux security and bug fix update (CRITICAL)
EPSS
7.5 High
CVSS3