CVE number – CVE-2021-26701
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0, .NET Core 3.1, and .NET Core 2.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A remote code execution vulnerability exists in .NET 5 and .NET Core due to how text encoding is performed.
The vulnerable package is System.Text.Encodings.Web . Upgrading your package and redeploying your app should be sufficient to address this vulnerability.
Further information – https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26701