.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of service vulnerability exists when .NET Core improperly handles parsing certificate data, aka ".NET CORE Denial Of Service Vulnerability".
{ "cwe_ids": [ "CWE-295" ], "severity": "HIGH", "nvd_published_at": null, "github_reviewed_at": "2022-04-12T00:07:34Z", "github_reviewed": true }