vulnerability

Red Hat: CVE-2019-0820: CVE-2019-0820 dotnet: timeouts for regular expressions are not enforced (Multiple Advisories)

Name: Red Hat: CVE-2019-0820: CVE-2019-0820 dotnet: timeouts for regular expressions are not enforced (Multiple Advisories)
Creator: Red Hat
Published: 2019-05-16T00:00:00.000Z
Keywords: CVE, CWE-400, Red Hat, 2019, 0820, 0820 dotnet, redhat-upgrade-dotnet, redhat-upgrade-dotnet-debuginfo, redhat-upgrade-dotnet-debugsource, redhat-upgrade-dotnet-host, redhat-upgrade-dotnet-host-debuginfo, redhat-upgrade-dotnet-host-fxr-2-1, redhat-upgrade-dotnet-host-fxr-2-1-debuginfo, redhat-upgrade-dotnet-runtime-2-1, redhat-upgrade-dotnet-runtime-2-1-debuginfo, redhat-upgrade-dotnet-sdk-2-1, redhat-upgrade-dotnet-sdk-2-1-5xx, redhat-upgrade-dotnet-sdk-2-1-5xx-debuginfo, Severity 5

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

May 16, 2019

Added

May 23, 2019

Modified

Mar 27, 2026

Description

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

Solutions

redhat-upgrade-dotnetredhat-upgrade-dotnet-debuginforedhat-upgrade-dotnet-debugsourceredhat-upgrade-dotnet-hostredhat-upgrade-dotnet-host-debuginforedhat-upgrade-dotnet-host-fxr-2-1redhat-upgrade-dotnet-host-fxr-2-1-debuginforedhat-upgrade-dotnet-runtime-2-1redhat-upgrade-dotnet-runtime-2-1-debuginforedhat-upgrade-dotnet-sdk-2-1redhat-upgrade-dotnet-sdk-2-1-5xxredhat-upgrade-dotnet-sdk-2-1-5xx-debuginfo

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report