## CVE-2019-0980 - High Severity Vulnerability

Vulnerable Library - system.private.uri.4.3.0.nupkg

Internal implementation package not meant for direct consumption. Please do not reference directly....

Library home page: https://api.nuget.org/packages/system.private.uri.4.3.0.nupkg

Path to vulnerable library: /packages/system.private.uri/4.3.0/system.private.uri.4.3.0.nupkg

Dependency Hierarchy: - :x: **system.private.uri.4.3.0.nupkg** (Vulnerable Library)

Found in HEAD commit: 3b779dff33329123519e7803eacab63fe19606d1

Vulnerability Details

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.

Publish Date: 2019-05-16

URL: CVE-2019-0980

CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0980

Release Date: 2019-05-16

Fix Resolution: 4.3.2

*** Step up your Open Source Security Game with WhiteSource [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)

CVE-2019-0980 (High) detected in system.private.uri.4.3.0.nupkg #5

Company

Community

Support

Connect