CVE-2018-8356: Improper Certificate Validation

July 11, 2018 (updated September 10, 2018)

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka “.NET Framework Security Feature Bypass Vulnerability.” This affects .NET Framework, Microsoft .NET Framework, Microsoft .NET Framework /4.7/4.7.1/4.7.2, ASP.NET Core, Microsoft .NET Framework, ASP.NET Core, ASP.NET Core, .NET Core, Microsoft .NET Framework, Microsoft .NET Framework, Microsoft .NET Framework /4.6.1/4.6.2, .NET Core, .NET Core, Microsoft .NET Framework, Microsoft .NET Framework /4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework

References

www.securityfocus.com/bid/104664
www.securitytracker.com/id/1041257
nvd.nist.gov/vuln/detail/CVE-2018-8356
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8356

Code Behaviors & Features

Detect and mitigate CVE-2018-8356 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →