Launch Week Day 1: Announcing Security Design Review
Start for Free
HIGH 7.5 NuGet

Improper Certificate Validation

GHSA-7mfr-774f-w5r9 · CVE-2017-11770

Published · Modified

Description

.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of service vulnerability exists when .NET Core improperly handles parsing certificate data, aka ".NET CORE Denial Of Service Vulnerability".

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes