CVE-2019-0820

HIGH7.5EPSS 8.1%

Regular Expression Denial of Service in System.Text.RegularExpressions

發布日:2021/8/4修改日:2023/11/8

描述

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

受影響套件(1)

NuGet/System.Text.RegularExpressions>= 4.3.0, < 4.3.1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

參考連結(3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-0820
WEBhttps://access.redhat.com/errata/RHSA-2019:1259
WEBhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0820