Microsoft fixed 2 zero-days and 120 flaws during the August 2020 Patch Tuesday. A Denial of Service (DoS) vulnerability is tracked under CVE-2020-1597. The flaw has been attributed to ASP.NET Core, but lurks in the IIS server middleware provided as a part of the framework’s source code. The issue wasn’t so much with the user’s code streaming the video or the MVC framework, but rather the middleware process involved. In July, Rohan Singh of Toronto, Canada, filed a GitHub report titled, “WebSockets memory leak on Azure App Service”””
Source: https://www.bleepingcomputer.com/editorial/security/why-streaming-a-video-could-freeze-microsoft-iis-servers/