The MSRC published the following details about CVE-2018-0875 | .NET Core Denial of Service Vulnerability
The .Net Core vulnerability is documented on https://github.com/dotnet/announcements/issues/62. Fine, no problem with that.
But, the version 1.0 of the advisory for CVE-2018-0875 is wrong about PowerShell Core because it just lists 6.0.0 as affected.
It appears actually that both PowerShell Core 6.0.0 and 6.0.1 are affected by CVE-2018-0875.
The CVE-2018-0875 vulneralbility is a Hash Collision issue that can cause a Denial of Service.
PowerShell Core is a self contained application that has coreclr embedded as well as other assemblies.
PowerShell Core has been updated to target the updated .NET Core runtime, recompiled and released on this page.