ID CVE-2020-1597
Summary A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application. The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.04:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.04:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.09:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.09:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.10:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.10:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.12:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.12:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.13:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.13:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.16:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.16:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.17:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.17:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.18:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.18:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.21:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.21:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.23:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.23:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.26:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.26:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.29:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.29:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.30:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.30:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.31:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.31:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.37:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.37:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.43:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.43:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.46:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.46:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.49:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.49:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.52:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.52:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.57:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.57:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.64:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.64:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.6:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.6.7:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.7:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.7:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.7:*:preview:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.7:*:preview:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2017:15.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2017:15.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_2019:16.6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_2019:16.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 19-01-2024 - 00:15)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 1861110
title CVE-2020-1597 dotnet: ASP.NET Core Resource Consumption Denial of Service
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 8 is installed
      oval oval:com.redhat.rhba:tst:20193384074
    • OR
      • AND
        • comment aspnetcore-runtime-3.1 is earlier than 0:3.1.7-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422001
        • comment aspnetcore-runtime-3.1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20202250002
      • AND
        • comment aspnetcore-targeting-pack-3.1 is earlier than 0:3.1.7-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422003
        • comment aspnetcore-targeting-pack-3.1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20202250004
      • AND
        • comment dotnet is earlier than 0:3.1.107-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422005
        • comment dotnet is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20191259002
      • AND
        • comment dotnet-apphost-pack-3.1 is earlier than 0:3.1.7-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422007
        • comment dotnet-apphost-pack-3.1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20202250008
      • AND
        • comment dotnet-host is earlier than 0:3.1.7-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422009
        • comment dotnet-host is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20191259006
      • AND
        • comment dotnet-hostfxr-3.1 is earlier than 0:3.1.7-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422011
        • comment dotnet-hostfxr-3.1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20202250012
      • AND
        • comment dotnet-runtime-3.1 is earlier than 0:3.1.7-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422013
        • comment dotnet-runtime-3.1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20202250014
      • AND
        • comment dotnet-sdk-3.1 is earlier than 0:3.1.107-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422015
        • comment dotnet-sdk-3.1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20202250016
      • AND
        • comment dotnet-targeting-pack-3.1 is earlier than 0:3.1.7-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422017
        • comment dotnet-targeting-pack-3.1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20202250018
      • AND
        • comment dotnet-templates-3.1 is earlier than 0:3.1.107-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422019
        • comment dotnet-templates-3.1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20202250020
      • AND
        • comment dotnet3.1-debugsource is earlier than 0:3.1.107-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422021
        • comment dotnet3.1-debugsource is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20202250022
      • AND
        • comment netstandard-targeting-pack-2.1 is earlier than 0:3.1.107-1.el8_2
          oval oval:com.redhat.rhsa:tst:20203422023
        • comment netstandard-targeting-pack-2.1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20200130024
rhsa
id RHSA-2020:3422
released 2020-08-11
severity Important
title RHSA-2020:3422: .NET Core 3.1 security and bugfix update (Important)
rpms
  • rh-dotnet31-aspnetcore-runtime-3.1-0:3.1.7-1.el7
  • rh-dotnet31-aspnetcore-targeting-pack-3.1-0:3.1.7-1.el7
  • rh-dotnet31-dotnet-0:3.1.107-1.el7
  • rh-dotnet31-dotnet-apphost-pack-3.1-0:3.1.7-1.el7
  • rh-dotnet31-dotnet-debuginfo-0:3.1.107-1.el7
  • rh-dotnet31-dotnet-host-0:3.1.7-1.el7
  • rh-dotnet31-dotnet-hostfxr-3.1-0:3.1.7-1.el7
  • rh-dotnet31-dotnet-runtime-3.1-0:3.1.7-1.el7
  • rh-dotnet31-dotnet-sdk-3.1-0:3.1.107-1.el7
  • rh-dotnet31-dotnet-targeting-pack-3.1-0:3.1.7-1.el7
  • rh-dotnet31-dotnet-templates-3.1-0:3.1.107-1.el7
  • rh-dotnet31-netstandard-targeting-pack-2.1-0:3.1.107-1.el7
  • aspnetcore-runtime-3.1-0:3.1.7-1.el8_2
  • aspnetcore-targeting-pack-3.1-0:3.1.7-1.el8_2
  • dotnet-0:3.1.107-1.el8_2
  • dotnet-apphost-pack-3.1-0:3.1.7-1.el8_2
  • dotnet-apphost-pack-3.1-debuginfo-0:3.1.7-1.el8_2
  • dotnet-host-0:3.1.7-1.el8_2
  • dotnet-host-debuginfo-0:3.1.7-1.el8_2
  • dotnet-hostfxr-3.1-0:3.1.7-1.el8_2
  • dotnet-hostfxr-3.1-debuginfo-0:3.1.7-1.el8_2
  • dotnet-runtime-3.1-0:3.1.7-1.el8_2
  • dotnet-runtime-3.1-debuginfo-0:3.1.7-1.el8_2
  • dotnet-sdk-3.1-0:3.1.107-1.el8_2
  • dotnet-sdk-3.1-debuginfo-0:3.1.107-1.el8_2
  • dotnet-targeting-pack-3.1-0:3.1.7-1.el8_2
  • dotnet-templates-3.1-0:3.1.107-1.el8_2
  • dotnet3.1-debuginfo-0:3.1.107-1.el8_2
  • dotnet3.1-debugsource-0:3.1.107-1.el8_2
  • netstandard-targeting-pack-2.1-0:3.1.107-1.el8_2
refmap via4
fedora
  • FEDORA-2020-9ddf1aa50b
  • FEDORA-2020-cad5d17c6d
misc https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597
Last major update 19-01-2024 - 00:15
Published 17-08-2020 - 19:15
Last modified 19-01-2024 - 00:15
Back to Top