.NET Core is vulnerable to remote code execution (RCE). The vulnerability exists in the XML source markup processing.
packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html
packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
access.redhat.com/errata/RHSA-2020:2937
access.redhat.com/security/updates/classification/#critical
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1147
www.exploitalert.com/view-details.html?id=35992