Critical DDOS vulnerability in Microsoft.TeamFoundationServer.Client 20.257.0-preview  System.Text.RegularExpressions 4.3.0

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from https://github.com/advisories/GHSA-xhfc-gr8f-ffwc, https://github.com/advisories/GHSA-5f2m-466j-3848.

Transitive dependency System.Text.RegularExpressions 4.3.0 is introduced via
Microsoft.TeamFoundationServer.Client 20.257.0-preview  System.Text.RegularExpressions 4.3.0

Is there any fix in any of the previews for this?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Critical DDOS vulnerability in Microsoft.TeamFoundationServer.Client 20.257.0-preview System.Text.RegularExpressions 4.3.0 #37

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Critical DDOS vulnerability in Microsoft.TeamFoundationServer.Client 20.257.0-preview System.Text.RegularExpressions 4.3.0 #37

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions