.NET Core 1.0, 1.1 and 2.0 perform improper processing of XML documents. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to a .NET Core application. References: https://nvd.nist.gov/vuln/detail/CVE-2018-0764 https://github.com/dotnet/core/blob/master/release-notes/2.0/2.0.5.md https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0764 https://github.com/dotnet/corefx/commit/3f1155b
This issue has been addressed in the following products: .NET Core on Red Hat Enterprise Linux Via RHSA-2018:0379 https://access.redhat.com/errata/RHSA-2018:0379
Closing as this flaw was addressed in an errata.