WS-2018-0607 | Mend Vulnerability Database

Vulnerability DatabaseWS-2018-0607

WS-2018-0607

Published:May 14, 2026

Updated:May 14, 2026

Denial of service vulnerability in ASP.NET Core when a malformed request is terminated.

Affected Packages

microsoft.azure.signalr.benchmark (NUGET):

Affected version(s) >=1.0.0-preview1-10001 <=1.0.0-preview1-10415

Fix Suggestion:

Update to version no_fix

stubby.consolerunner (NUGET):

Affected version(s) >=0.1.2 <=0.1.15

Fix Suggestion:

Update to version no_fix

ind-studio-scada (NUGET):

Affected version(s) >=1.0.16 <=8.0.24

Fix Suggestion:

Update to version no_fix

swashbuckle.aspnetcore.cli.gpn (NUGET):

Affected version(s) =6.5.1

Fix Suggestion:

Update to version no_fix

microsoftdynamicsmanager (NUGET):

Affected version(s) =1.0.0 <1.0.1

Fix Suggestion:

Update to version 1.0.1

sourcebrowser (NUGET):

Affected version(s) =1.0.18 <1.0.19

Fix Suggestion:

Update to version 1.0.19

microsoft.aspnetcore.all (NUGET):

Affected version(s) >=2.0.0 <2.0.9

Fix Suggestion:

Update to version 2.0.9

plexus.interop.broker.redist-win-x86 (NUGET):

Affected version(s) >=0.1.0 <0.4.0-beta.1

Fix Suggestion:

Update to version 0.4.0-beta.1

codemanderdebugger-x64 (NUGET):

Affected version(s) >=1.0.7 <1.0.12

Fix Suggestion:

Update to version 1.0.12

jonasmh.swashbuckle.aspnetcore.cli (NUGET):

Affected version(s) >=6.0.0 <=6.0.1

Fix Suggestion:

Update to version no_fix

asvishnyakov.virtocommerce.globaltool (NUGET):

Affected version(s) >=0.0.1-alpha1 <=0.0.1-alpha3

Fix Suggestion:

Update to version no_fix

lunet (NUGET):

Affected version(s) =0.1.0-alpha.1 <0.1.0-alpha.2

Fix Suggestion:

Update to version 0.1.0-alpha.2

markdownpages.cli (NUGET):

Affected version(s) =0.1.0

Fix Suggestion:

Update to version no_fix

codemanderdebugger (NUGET):

Affected version(s) >=1.0.4 <=1.0.6

Fix Suggestion:

Update to version no_fix

minima.globaltool (NUGET):

Affected version(s) >=1.1.0 <=1.3.0

Fix Suggestion:

Update to version no_fix

microsoft.dotnet-signalr-benchmark (NUGET):

Affected version(s) =1.0.0-preview1-10422 <1.0.0-preview2.19516.1

Fix Suggestion:

Update to version 1.0.0-preview2.19516.1

microsoft.aspnetcore.server.kestrel.core (NUGET):

Affected version(s) >=2.1.0-rc1-final <2.1.2

Fix Suggestion:

Update to version 2.1.2

microsoft.servicefabric.volumedriver (NUGET):

Affected version(s) =7.2.457

Fix Suggestion:

Update to version no_fix

microsoft.servicefabric.azurefiles.volumeplugin (NUGET):

Affected version(s) =7.2.457

Fix Suggestion:

Update to version no_fix

dotnet-oads (NUGET):

Affected version(s) >=1.2.0 <1.2.2

Fix Suggestion:

Update to version 1.2.2

musement.lambdaexec (NUGET):

Affected version(s) >=0.1.0 <=0.3.0

Fix Suggestion:

Update to version no_fix

xam.plugin.livesync (NUGET):

Affected version(s) >=1.0.20 <=1.0.30

Fix Suggestion:

Update to version no_fix

microsoft.aspnetcore.server.kestrel.core (NUGET):

Affected version(s) >=2.0.0 <2.0.4

Fix Suggestion:

Update to version 2.0.4

virtocommerce.globaltool (NUGET):

Affected version(s) >=1.3.6 <3.0.0-beta0004

Fix Suggestion:

Update to version 3.0.0-beta0004

swashbuckle.aspnetcore.cli (NUGET):

Affected version(s) >=5.0.0-rc3 <7.0.0

Fix Suggestion:

Update to version 7.0.0

nswag.msbuild (NUGET):

Affected version(s) >=12.0.0 <12.0.2

Fix Suggestion:

Update to version 12.0.2

wk.videoserver (NUGET):

Affected version(s) =0.1.0

Fix Suggestion:

Update to version no_fix

tennis (NUGET):

Affected version(s) >=1.0.0 <=1.0.2

Fix Suggestion:

Update to version no_fix

microsoft.aspnetcore.app (NUGET):

Affected version(s) >=2.1.0 <2.1.2

Fix Suggestion:

Update to version 2.1.2

microsoft.aspnetcore.all (NUGET):

Affected version(s) >=2.1.0 <2.1.2

Fix Suggestion:

Update to version 2.1.2

joedoe.swashbuckle.aspnetcore.cli (NUGET):

Affected version(s) =6.5.0

Fix Suggestion:

Update to version no_fix

virtocommerce.globaltool (NUGET):

Affected version(s) >=3.0.0 <3.810.0-alpha.236

Fix Suggestion:

Update to version 3.810.0-alpha.236

codemanderdebugger-x86 (NUGET):

Affected version(s) >=1.0.7 <1.0.12

Fix Suggestion:

Update to version 1.0.12

higrow.aspnetcore.cli (NUGET):

Affected version(s) =6.5.0 <6.5.1

Fix Suggestion:

Update to version 6.5.1

reactes6.web (NUGET):

Affected version(s) >=0.0.2 <0.0.4

Fix Suggestion:

Update to version 0.0.4

Related Resources (1)

https://github.com/aspnet/Announcements/issues/311

Do you need more information?

CVSS v4

Base Score:

8.7

Attack Vector

NETWORK

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

NONE

Vulnerable System Integrity

NONE

Vulnerable System Availability

HIGH

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH