Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMicrosoftCVELIST:CVE-2017-0247
HistoryMay 12, 2017 - 2:00 p.m.

CVE-2017-0247

2017-05-1214:00:00
microsoft
www.cve.org

7.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.8%

JSON

A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc before 1.0.4 and 1.1.x before 1.1.3 allows remote attackers to cause a denial of service by leveraging failure to properly calculate the length of 4-byte characters in the Unicode Non-Character range.

CNA Affected

[
  {
    "product": "ASP.NET Core",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "ASP.NET Core"
      }
    ]
  }
]

Related

cve 1
veracode 1
nvd 1
osv 1
prion 1
github 1
ibm 2
cve
cve
CVE-2017-0247
2017-05-12 14:29:03
veracode
veracode
Denial Of Service (DoS)
2018-07-09 02:15:33
nvd
nvd
CVE-2017-0247
2017-05-12 14:29:03
osv
osv
ASP.NET Core fails to properly validate web requests
2018-10-16 19:58:05
prion
prion
Denial of service
2017-05-12 14:29:00
github
github
ASP.NET Core fails to properly validate web requests
2018-10-16 19:58:05
ibm
ibm
Security Bulletin: Multiple vulnerabilities may affect ASP.NET Core in IBM Bluemix
2018-06-15 07:07:57
Security Bulletin: Multiple Vulnerabilities may affect IBM Robotic Process Automation
2022-05-04 18:53:46

7.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.8%

JSON
Related for CVELIST:CVE-2017-0247
cve1veracode1nvd1osv1prion1github1ibm2