CVE-2018-8409: Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.App, and System.IO.Pipelines

October 16, 2018 (updated September 14, 2021)

A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka “System.IO.Pipelines Denial of Service.” This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.

References

github.com/advisories/GHSA-j378-6mmw-hqfr
nvd.nist.gov/vuln/detail/CVE-2018-8409

Detect and mitigate CVE-2018-8409 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →