Improper Input Validation in Microsoft.NETCore.App

GHSA-8884-xcr4-r68p · CVE-2017-8585

Published May 17, 2022 · Modified Nov 8, 2023

Description

Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in denial of service, aka .NET Denial of Service Vulnerability.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-8585
WEB https://github.com/dotnet/corefx/issues/24703
WEB https://access.redhat.com/errata/RHSA-2017:3248
WEB https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8585
WEB http://www.securityfocus.com/bid/99432
WEB http://www.securitytracker.com/id/1038864

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes