Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x86@10.0.0-rc.1.25451.107
Typenuget
Namespace
NameMicrosoft.AspNetCore.App.Runtime.win-x86
Version10.0.0-rc.1.25451.107
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-cju3-5hjk-h3d3
vulnerability_id VCID-cju3-5hjk-h3d3
summary 
Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 10.0 , ASP.NET Core 9.0 , ASP.NET Core 8.0, and ASP.NET Core 2.3. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55315.json
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55315.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-55315
reference_id
reference_type
scores
0
value 0.00205
scoring_system epss
scoring_elements 0.42672
published_at 2026-04-04T12:55:00Z
1
value 0.00205
scoring_system epss
scoring_elements 0.42645
published_at 2026-04-02T12:55:00Z
2
value 0.01104
scoring_system epss
scoring_elements 0.78068
published_at 2026-04-08T12:55:00Z
3
value 0.01104
scoring_system epss
scoring_elements 0.78042
published_at 2026-04-07T12:55:00Z
4
value 0.01284
scoring_system epss
scoring_elements 0.79642
published_at 2026-04-21T12:55:00Z
5
value 0.01284
scoring_system epss
scoring_elements 0.79612
published_at 2026-04-09T12:55:00Z
6
value 0.01284
scoring_system epss
scoring_elements 0.79633
published_at 2026-04-11T12:55:00Z
7
value 0.01284
scoring_system epss
scoring_elements 0.79617
published_at 2026-04-12T12:55:00Z
8
value 0.01284
scoring_system epss
scoring_elements 0.79609
published_at 2026-04-13T12:55:00Z
9
value 0.01284
scoring_system epss
scoring_elements 0.7964
published_at 2026-04-16T12:55:00Z
10
value 0.01284
scoring_system epss
scoring_elements 0.79639
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-55315
2
reference_url https://github.com/dotnet/announcements/issues/371
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/announcements/issues/371
3
reference_url https://github.com/dotnet/aspnetcore
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/aspnetcore
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2403085
reference_id 2403085
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2403085
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52492.py
reference_id CVE-2025-55315
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52492.py
6
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55315
reference_id CVE-2025-55315
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L/E:U/RL:O/RC:C
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-28T12:57:54Z/
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55315
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-55315
reference_id CVE-2025-55315
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-55315
8
reference_url https://github.com/advisories/GHSA-5rrx-jjjq-q2r5
reference_id GHSA-5rrx-jjjq-q2r5
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5rrx-jjjq-q2r5
9
reference_url https://github.com/dotnet/aspnetcore/security/advisories/GHSA-5rrx-jjjq-q2r5
reference_id GHSA-5rrx-jjjq-q2r5
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/dotnet/aspnetcore/security/advisories/GHSA-5rrx-jjjq-q2r5
10
reference_url https://access.redhat.com/errata/RHSA-2025:18148
reference_id RHSA-2025:18148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:18148
11
reference_url https://access.redhat.com/errata/RHSA-2025:18149
reference_id RHSA-2025:18149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:18149
12
reference_url https://access.redhat.com/errata/RHSA-2025:18150
reference_id RHSA-2025:18150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:18150
13
reference_url https://access.redhat.com/errata/RHSA-2025:18151
reference_id RHSA-2025:18151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:18151
14
reference_url https://access.redhat.com/errata/RHSA-2025:18152
reference_id RHSA-2025:18152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:18152
15
reference_url https://access.redhat.com/errata/RHSA-2025:18153
reference_id RHSA-2025:18153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:18153
16
reference_url https://access.redhat.com/errata/RHSA-2025:18256
reference_id RHSA-2025:18256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:18256
17
reference_url https://access.redhat.com/errata/RHSA-2025:23225
reference_id RHSA-2025:23225
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23225
18
reference_url https://usn.ubuntu.com/7822-1/
reference_id USN-7822-1
reference_type
scores
url https://usn.ubuntu.com/7822-1/
fixed_packages
0
url pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x86@10.0.0-rc.2.25502.107
purl pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x86@10.0.0-rc.2.25502.107
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x86@10.0.0-rc.2.25502.107
aliases CVE-2025-55315, GHSA-5rrx-jjjq-q2r5
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cju3-5hjk-h3d3
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/Microsoft.AspNetCore.App.Runtime.win-x86@10.0.0-rc.1.25451.107