Microsoft has issued a security advisory regarding a vulnerability in ASP.NET Core which we want to pass on to you.
Microsoft describes the vulnerability as follow:
“A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.
A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application.”
The most recent .NET Core updates cover a fix for this and you can read about it in the release notes here as well as get the download: