7.5

CVE-2026-42899

Medienbericht

ASP.NET Core Denial of Service Vulnerability

Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft.Net Version >= 8.0.0 < 8.0.27
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
Microsoft.Net Version >= 9.0.0 < 9.0.16
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
Microsoft.Net Version >= 10.0.0 < 10.0.8
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.112
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@microsoft.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.