Is Microsoft.AspNetCore.Server.Kestrel.Core safe to use?

Microsoft.AspNetCore.Server.Kestrel.Core has 2 known vulnerabilities on the latest version (2.3.9). DepScope rates its health at 56/100 (high risk).

What is the latest version of Microsoft.AspNetCore.Server.Kestrel.Core?

The latest version of Microsoft.AspNetCore.Server.Kestrel.Core is 2.3.9, released 2026-01-07.

Does Microsoft.AspNetCore.Server.Kestrel.Core have known vulnerabilities?

Yes. Microsoft.AspNetCore.Server.Kestrel.Core has 2 known vulnerabilities. See depscope.dev/pkg/nuget/Microsoft.AspNetCore.Server.Kestrel.Core for details.

Is Microsoft.AspNetCore.Server.Kestrel.Core deprecated?

No, Microsoft.AspNetCore.Server.Kestrel.Core is actively maintained. Latest release: 2.3.9 (2026-01-07).

What are alternatives to Microsoft.AspNetCore.Server.Kestrel.Core?

DepScope has no curated alternatives for Microsoft.AspNetCore.Server.Kestrel.Core at this time.

What license does Microsoft.AspNetCore.Server.Kestrel.Core use?

License information for Microsoft.AspNetCore.Server.Kestrel.Core is not declared in the registry metadata.

Microsoft.AspNetCore.Server.Kestrel.Core

nugetv2.3.9

Core components of ASP.NET Core Kestrel cross-platform web server.

25 versions1 maintainers13 deps1,251,529 weekly dl

https://asp.net/

/ 100

Health

do not use

Microsoft.AspNetCore.Server.Kestrel.Core has critical vulnerabilities — do not use

Update to >= 8.0.21 to fix known vulnerabilities

1 high severity vulnerabilities
1 critical vulnerabilities

Health breakdown0 – 100

15/25

maintenance

17/20

popularity

10/25

security

12/15

maturity

2/15

community

Vulnerabilities

1 critical1 high

Advisories (2)

Severity	ID	Summary	Fixed in
high	BIT-aspnet-core-2021-1723	ASP.NET Core and Visual Studio Denial of Service Vulnerability	5.0.2
critical	BIT-aspnet-core-2025-55315	Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability	8.0.21

Health History

Dependency Tree

License Audit

Dependencies (13)

Microsoft.AspNetCore.Hosting.Abstractions Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions Microsoft.AspNetCore.WebUtilities Microsoft.Extensions.Configuration Microsoft.Extensions.Configuration.Binder Microsoft.Extensions.Logging.Abstractions Microsoft.Extensions.Options Microsoft.Net.Http.Headers System.Memory System.Numerics.Vectors System.Runtime.CompilerServices.Unsafe System.Security.Cryptography.Cng System.Threading.Tasks.Extensions

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/nuget/Microsoft.AspNetCore.Server.Kestrel.Core

Last updated · 2026-01-07T20:26:28.857+00:00