{"id":"CVE-2018-8409","details":"A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka \"System.IO.Pipelines Denial of Service.\" This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.","aliases":["GHSA-j378-6mmw-hqfr"],"modified":"2026-03-15T14:32:09.355788Z","published":"2018-09-13T00:29:02.037Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/105223"},{"type":"FIX","url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8409"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dotnet/core","events":[{"introduced":"e7dd0cd3ff917f087f7af2163006d7df6827438b"},{"fixed":"d7ae48621cf8955790625324d8d233ab9b005a10"},{"introduced":"e7dd0cd3ff917f087f7af2163006d7df6827438b"},{"fixed":"d7ae48621cf8955790625324d8d233ab9b005a10"}],"database_specific":{"versions":[{"introduced":"2.1"},{"fixed":"2.1.4"},{"introduced":"2.1"},{"fixed":"2.1.4"}]}}],"versions":["v1.0.12","v1.1.9","v2.0.9","v2.1.0","v2.1.1","v2.1.2","v2.1.3","v2.2.0-preview1"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.5.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-8409.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}