Vulnerability Description
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | .Net Core | 1.0 |
| Microsoft | .Net Framework | 2.0 |
| Microsoft | Windows Server 2008 | - |
| Microsoft | Windows 10 | - |
| Microsoft | Windows 8.1 | - |
| Microsoft | Windows Server 2012 | - |
| Microsoft | Windows Server 2016 | - |
| Microsoft | Windows Server 2019 | - |
| Microsoft | Windows 7 | - |
| Microsoft | Windows Rt 8.1 | - |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux Eus | 8.1 |
| Redhat | Enterprise Linux Server Aus | 8.2 |
| Redhat | Enterprise Linux Server Tus | 8.2 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2019:1259Third Party Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0820PatchVendor Advisory
- https://access.redhat.com/errata/RHSA-2019:1259Third Party Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0820PatchVendor Advisory
FAQ
What is CVE-2019-0820?
CVE-2019-0820 is a vulnerability with a CVSS score of 7.5 (HIGH). A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique f...
How severe is CVE-2019-0820?
CVE-2019-0820 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-0820?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft .Net Core, Microsoft .Net Framework, Microsoft Windows Server 2008, Microsoft Windows 10, Microsoft Windows 8.1.