近日，微软发布安全公告，紧急修复了 ASP.NET Core 中一个被评为 CVSS 9.9 分 的严重漏洞，该漏洞允许攻击者通过不一致的 HTTP 请求解释来绕过安全特性。此次修复对依赖 ASP.NET Core 的应用程序至关重要，影响范围广泛，引发了业界对 .NET 框架安全性的高度关注。

微软近期发布安全公告，紧急修补了 ASP.NET Core 中的一个关键漏洞，该漏洞允许攻击者通过不一致的 HTTP 请求解释来绕过网络安全特性。此次修复针对的漏洞 CVE-2025-55315 ，其 CVSS 评分高达 9.9 分（满分 10 分），是微软漏洞评级中最高的。此次事件再次凸显了 .NET 生态系统在 Web 应用程序安全方面的挑战，并引发了对 HTTP 请求走私 攻击的广泛关注。

作者 | Renato Losio译者 | 平川最近，微软发布了一份安全公告，修补了 ASP.NET Core 中的一个关键漏洞。该漏洞允许攻击者通过不一致的 HTTP 请求解释来绕过一项网络安全特性。CVE-2025-55315 的 CVSS 得分为 9.9 分（满分 10 分），是微软漏洞中评分最高的。该漏洞在 ASP.NET Core 10.0、9.0、8.0 版本以及 Kestrel 包 ...

快科技11月18日消息，微软近日发布安全公告，紧急修补了ASP.NET Core中的一个关键漏洞，该漏洞（CVE-2025-55315）CVSS评分达到9.9分（满分10分），成为微软漏洞库中评分最高的漏洞。该漏洞存在于ASP.NET Core ...

It’s been over a year and a half since Microsoft first announced the open source .NET Core project, which aims to bring the core parts of Microsoft’s .NET framework (and its cousin, the web-focused ...

While the big news in the .NET Core ecosystem is coming support for WinForms and WPF in .NET Core 3.0 on Windows, there are also some notable changes coming in ASP.NET Core 3.0. Microsoft yesterday ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

ASP.NET Core brings many cutting-edge approaches to building Web applications, with updates to the security architecture being especially important in the modern framework. To help developers get up ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. This article dives into the happens-before ...

Microsoft officials are showcasing some of the new fruits of its partnership with Red Hat at this week's Red Hat Summit in San Francisco. On Thursday, Microsoft execs will demonstrate SQL Server on ...