VYPR
High severity7.5NVD Advisory· Published Nov 15, 2017· Updated Jun 17, 2026

CVE-2017-11770

CVE-2017-11770

Description

.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of service vulnerability exists when .NET Core improperly handles parsing certificate data, aka ".NET CORE Denial Of Service Vulnerability".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
System.Security.Cryptography.X509CertificatesNuGet
>= 4.0.0, < 4.1.24.1.2
Microsoft.NETCore.AppNuGet
>= 1.0.0, < 2.0.32.0.3

Affected products

6

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.