CVE-2020-1597

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-1597
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-1597.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-1597
Aliases
Related
Published
2020-08-17T19:15:21Z
Modified
2024-10-12T06:22:17.536702Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application. The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.

References

Affected packages

Git / github.com/dotnet/aspnetcore

Affected ranges

Type
GIT
Repo
https://github.com/dotnet/aspnetcore
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected

Affected versions

2.*

2.1.0
2.1.0-preview1
2.1.0-preview2
2.1.0-rc1