7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
37.2%
.NET Core is vulnerable to denial of service. The vulnerability exists due to a stack overflow which allows an attacker to send a customized payload that is parsed during model binding and cause an application crash.
github.com/advisories/GHSA-r8m2-4x37-6592
github.com/dotnet/announcements/issues/234
github.com/dotnet/aspnetcore/commit/b8dc1f26e3e4faf6576377e0bafb1a22ae6499f9
github.com/dotnet/aspnetcore/commit/fb8c9e7800619ad6ce75fc9591cd4b06c93e5164
github.com/dotnet/aspnetcore/issues/43953
github.com/dotnet/aspnetcore/pull/43122
github.com/dotnet/aspnetcore/pull/43123
lists.fedoraproject.org/archives/list/[email protected]/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY/
lists.fedoraproject.org/archives/list/[email protected]/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE/
lists.fedoraproject.org/archives/list/[email protected]/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y/
lists.fedoraproject.org/archives/list/[email protected]/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG/
lists.fedoraproject.org/archives/list/[email protected]/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M/
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
37.2%