CVE-2019-0980

HIGH7.5EPSS 5.7%

Denial of service in ASP.NET Core

Published: 5/24/2022Modified: 12/7/2024

Description

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.

Affected packages (1)

NuGet/System.Private.Uri>= 4.3.0, < 4.3.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-0980
WEBhttps://github.com/dotnet/announcements/issues/112
WEBhttps://github.com/github/advisory-database/issues/302
WEBhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0980