High severity7.5NVD Advisory· Published Sep 13, 2018· Updated Jun 17, 2026
CVE-2018-8409
CVE-2018-8409
Description
A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.AspNetCore.AllNuGet | >= 2.1.0, < 2.1.4 | 2.1.4 |
Microsoft.AspNetCore.AppNuGet | >= 2.1.0, < 2.1.4 | 2.1.4 |
System.IO.PipelinesNuGet | >= 4.5.0, < 4.5.1 | 4.5.1 |
Affected products
6- ghsa-coords3 versions
>= 2.1.0, < 2.1.4+ 2 more
- (no CPE)range: >= 2.1.0, < 2.1.4
- (no CPE)range: >= 2.1.0, < 2.1.4
- (no CPE)range: >= 4.5.0, < 4.5.1
- Range: 2.1
- Range: System.IO.Pipelines
Patches
Vulnerability mechanics
References
4- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8409nvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/105223nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-j378-6mmw-hqfrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-8409ghsaADVISORY
News mentions
0No linked articles in our index yet.