CVE-2018-0875

.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
microsoftCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
microsoftasp.net_core
1.0
microsoftasp.net_core
1.1
microsoftasp.net_core
2.0
microsoftpowershell_core
6.0
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/103225
http://www.securitytracker.com/id/1040505
https://access.redhat.com/errata/RHSA-2018:0522
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0875
http://www.securityfocus.com/bid/103225
http://www.securitytracker.com/id/1040505
https://access.redhat.com/errata/RHSA-2018:0522
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0875