High severity7.5NVD Advisory· Published Jan 10, 2018· Updated Jun 17, 2026
CVE-2018-0764
CVE-2018-0764
Description
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
System.Security.Cryptography.XmlNuGet | < 4.4.2 | 4.4.2 |
Affected products
2- Microsoft Corporation/.NET Framework and .NET Corev5Range: Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0
Patches
Vulnerability mechanics
References
6- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0764nvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/102387nvdThird Party AdvisoryVDB EntryWEB
- www.securitytracker.com/id/1040152nvdThird Party AdvisoryVDB EntryWEB
- access.redhat.com/errata/RHSA-2018:0379nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-rr3c-f55v-qhv5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-0764ghsaADVISORY
News mentions
0No linked articles in our index yet.