vulnerability
Amazon Linux 2023: CVE-2025-55315: Critical priority package update for dotnet8.0 (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:S/C:C/I:P/A:N) | Oct 15, 2025 | Oct 24, 2025 | Oct 24, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:S/C:C/I:P/A:N)
Published
Oct 15, 2025
Added
Oct 24, 2025
Modified
Oct 24, 2025
Description
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
A flaw was found in ASP.NET Core’s HTTP request handling that leads to inconsistent interpretation of specially crafted HTTP requests. This mismatch can be abused by an authorized network attacker to smuggle or manipulate request boundaries, allowing bypass of security controls or unintended forwarding of request data.
A flaw was found in ASP.NET Core’s HTTP request handling that leads to inconsistent interpretation of specially crafted HTTP requests. This mismatch can be abused by an authorized network attacker to smuggle or manipulate request boundaries, allowing bypass of security controls or unintended forwarding of request data.
Solutions
amazon-linux-2023-upgrade-aspnetcore-runtime-8-0amazon-linux-2023-upgrade-aspnetcore-runtime-9-0amazon-linux-2023-upgrade-aspnetcore-runtime-dbg-8-0amazon-linux-2023-upgrade-aspnetcore-runtime-dbg-9-0amazon-linux-2023-upgrade-aspnetcore-targeting-pack-8-0amazon-linux-2023-upgrade-aspnetcore-targeting-pack-9-0amazon-linux-2023-upgrade-dotnetamazon-linux-2023-upgrade-dotnet8-0-debuginfoamazon-linux-2023-upgrade-dotnet8-0-debugsourceamazon-linux-2023-upgrade-dotnet9-0-debugsourceamazon-linux-2023-upgrade-dotnet-apphost-pack-8-0amazon-linux-2023-upgrade-dotnet-apphost-pack-8-0-debuginfoamazon-linux-2023-upgrade-dotnet-apphost-pack-9-0amazon-linux-2023-upgrade-dotnet-apphost-pack-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-hostamazon-linux-2023-upgrade-dotnet-host-debuginfoamazon-linux-2023-upgrade-dotnet-hostfxr-8-0amazon-linux-2023-upgrade-dotnet-hostfxr-8-0-debuginfoamazon-linux-2023-upgrade-dotnet-hostfxr-9-0amazon-linux-2023-upgrade-dotnet-hostfxr-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-runtime-8-0amazon-linux-2023-upgrade-dotnet-runtime-8-0-debuginfoamazon-linux-2023-upgrade-dotnet-runtime-9-0amazon-linux-2023-upgrade-dotnet-runtime-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-runtime-dbg-8-0amazon-linux-2023-upgrade-dotnet-runtime-dbg-9-0amazon-linux-2023-upgrade-dotnet-sdk-8-0amazon-linux-2023-upgrade-dotnet-sdk-8-0-debuginfoamazon-linux-2023-upgrade-dotnet-sdk-8-0-source-built-artifactsamazon-linux-2023-upgrade-dotnet-sdk-9-0amazon-linux-2023-upgrade-dotnet-sdk-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-sdk-9-0-source-built-artifactsamazon-linux-2023-upgrade-dotnet-sdk-aot-9-0amazon-linux-2023-upgrade-dotnet-sdk-aot-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-sdk-dbg-8-0amazon-linux-2023-upgrade-dotnet-sdk-dbg-9-0amazon-linux-2023-upgrade-dotnet-targeting-pack-8-0amazon-linux-2023-upgrade-dotnet-targeting-pack-9-0amazon-linux-2023-upgrade-dotnet-templates-8-0amazon-linux-2023-upgrade-dotnet-templates-9-0amazon-linux-2023-upgrade-netstandard-targeting-pack-2-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.