CVE-2019-0820

MEDIUM

Description

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

References

https://access.redhat.com/errata/RHSA-2019:1259

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0820

Details

Source: MITRE

Published: 2019-05-16

Updated: 2020-08-24

Type: CWE-400

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH