CVE-2025-55315

CVE-2025-55315

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

Published Oct 15, 2025

https://github.com/advisories/GHSA-5rrx-jjjq-q2r5

CVSS ScoreCritical

9.9

Vulnerabilities

CVE-2025-55315

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

Published Oct 15, 2025

https://github.com/advisories/GHSA-5rrx-jjjq-q2r5

CVSS ScoreCritical

9.9

CVE-2025-55315 Security Details

CVE ID: CVE-2025-55315
CWE: CWE-444
CVE Description: Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
Published: Oct 15, 2025
CVSS Score & Severity: 9.9Critical
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
EPSS Score: 0.205%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: https://github.com/advisories/GHSA-5rrx-jjjq-q2r5THIRD_PARTY

CVE-2025-55315 Security Details

CVE ID: CVE-2025-55315
CWE: CWE-444
CVE Description: Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
Published: Oct 15, 2025
CVSS Score & Severity: 9.9Critical
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
EPSS Score: 0.205%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: https://github.com/advisories/GHSA-5rrx-jjjq-q2r5THIRD_PARTY

Find vulnerabilities. Fix fast with AI.

CVE-2025-55315

CVE-2025-55315 Security Details

CVE-2025-55315 Security Details