First published: Thu Sep 13 2018(Updated: )
A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft .NET Core | >=2.1<2.1.4 | |
Microsoft ASP.NET Core | >=2.1<2.1.4 | |
Microsoft System.io.pipelines | =4.5.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2018-8409.
The severity of CVE-2018-8409 is high with a CVSS score of 7.5.
The affected software includes .NET Core 2.1, ASP.NET Core 2.1, and Microsoft System.IO.Pipelines 4.5.0.
CVE-2018-8409 is a denial of service vulnerability that exists when System.IO.Pipelines improperly handles requests.
To fix CVE-2018-8409, users should update to a version above 2.1.4 for .NET Core and ASP.NET Core, or update to a version higher than 4.5.0 for Microsoft System.IO.Pipelines.