Search for packages
| purl | pkg:nuget/Microsoft.AspNetCore.Server.Kestrel.Core@2.1.0-preview1-final |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-cju3-5hjk-h3d3
Aliases: CVE-2025-55315 GHSA-5rrx-jjjq-q2r5 |
Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 10.0 , ASP.NET Core 9.0 , ASP.NET Core 8.0, and ASP.NET Core 2.3. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability. Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network. |
Affected by 0 other vulnerabilities. |
|
VCID-nx74-pj4e-4fde
Aliases: CVE-2021-1723 GHSA-242j-2gm6-5rwx |
ASP.NET Core and Visual Studio Denial of Service Vulnerability A denial-of-service vulnerability exists in the way Kestrel parses HTTP/2 requests. The security update addresses the vulnerability by fixing the way the Kestrel parses HTTP/2 requests. Users are advised to upgrade. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||