BIT-aspnet-core-2020-1597

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/aspnet-core/BIT-aspnet-core-2020-1597.json
JSON Data
https://api.test.osv.dev/v1/vulns/BIT-aspnet-core-2020-1597
Aliases
Published
2024-03-06T10:53:47.493Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application.The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.

Database specific
{
    "cpes": [
        "cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*"
    ],
    "severity": "High"
}
References

Affected packages

Bitnami / aspnet-core

Package

Name
aspnet-core
Purl
pkg:bitnami/aspnet-core

Severity

  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
2.1.0
Last affected
2.1.0
Introduced
3.1.0
Last affected
3.1.0