{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-36620","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","assignerShortName":"VulDB","dateUpdated":"2025-04-15T12:56:13.797Z","dateReserved":"2022-12-21T00:00:00.000Z","datePublished":"2022-12-21T00:00:00.000Z"},"containers":{"cna":{"title":"Brondahl EnumStringValues EnumExtensions.cs GetStringValuesWithPreferences_Uncache resource consumption","providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2022-12-24T21:10:49.104Z"},"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-400","lang":"en","description":"CWE-400 Resource Consumption"}]}],"affected":[{"vendor":"Brondahl","product":"EnumStringValues","versions":[{"version":"4.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in Brondahl EnumStringValues up to 4.0.0. It has been declared as problematic. This vulnerability affects the function GetStringValuesWithPreferences_Uncache of the file EnumStringValues/EnumExtensions.cs. The manipulation leads to resource consumption. Upgrading to version 4.0.1 is able to address this issue. The name of the patch is c0fc7806beb24883cc2f9543ebc50c0820297307. It is recommended to upgrade the affected component. VDB-216466 is the identifier assigned to this vulnerability."},{"lang":"de","value":"In Brondahl EnumStringValues bis 4.0.0 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Das betrifft die Funktion GetStringValuesWithPreferences_Uncache der Datei EnumStringValues/EnumExtensions.cs. Durch Manipulieren mit unbekannten Daten kann eine resource consumption-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 4.0.1 vermag dieses Problem zu lösen. Der Patch wird als c0fc7806beb24883cc2f9543ebc50c0820297307 bezeichnet. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":3.5,"vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.5,"vectorString":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseSeverity":"LOW"}}],"timeline":[{"time":"2022-12-21T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2022-12-21T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2022-12-24T15:00:47.000Z","lang":"en","value":"VulDB last update"}],"references":[{"url":"https://vuldb.com/?id.216466","tags":["technical-description","vdb-entry"]},{"url":"https://github.com/Brondahl/EnumStringValues/commit/c0fc7806beb24883cc2f9543ebc50c0820297307","tags":["mitigation","patch"]},{"url":"https://github.com/Brondahl/EnumStringValues/releases/tag/4.0.1","tags":["mitigation"]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T17:30:08.327Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.216466","tags":["technical-description","vdb-entry","x_transferred"]},{"url":"https://github.com/Brondahl/EnumStringValues/commit/c0fc7806beb24883cc2f9543ebc50c0820297307","tags":["mitigation","patch","x_transferred"]},{"url":"https://github.com/Brondahl/EnumStringValues/releases/tag/4.0.1","tags":["mitigation","x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-04-14T17:00:45.737917Z","id":"CVE-2020-36620","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-15T12:56:13.797Z"}}]}}