GHSA-rr3c-f55v-qhv5
Suggest an improvement- Source
- https://github.com/advisories/GHSA-rr3c-f55v-qhv5
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-rr3c-f55v-qhv5/GHSA-rr3c-f55v-qhv5.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-rr3c-f55v-qhv5
- Aliases
- Published
- 2018-10-16T17:34:00Z
- Modified
- 2024-12-02T05:51:59.374774Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents
- Details
-
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765.
- Database specific
{ "nvd_published_at": "2018-01-10T01:29:00Z", "cwe_ids": [], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2020-06-16T21:55:37Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2018-0764
- https://access.redhat.com/errata/RHSA-2018:0379
- https://github.com/advisories/GHSA-rr3c-f55v-qhv5
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0764
- http://www.securityfocus.com/bid/102387
- http://www.securitytracker.com/id/1040152
Affected packages
NuGet / System.Security.Cryptography.Xml
Package
- Name
- System.Security.Cryptography.Xml
- View open source insights on deps.dev
- Purl
- pkg:nuget/System.Security.Cryptography.Xml