If you discover a security vulnerability in DebugProbe.AspNetCore, please report it privately.
Please do not open public GitHub issues for security-related reports.
Contact via Email
You can also use GitHub Private Vulnerability Reporting.
Include:
- Description of the issue
- Steps to reproduce
- Potential impact
- Suggested fix (if available)
You will receive a response as soon as possible.
| Version | Supported |
|---|---|
| Latest | YES |
| Older | NO |
DebugProbe.AspNetCore is a development and debugging tool intended primarily for local and non-production environments.
By default:
- Data is stored in-memory only
- Data is not persisted externally
- Stored entries are cleared when the application stops
- Only a limited number of requests are retained
Avoid exposing DebugProbe endpoints publicly or using the package in production environments without proper security review and access restrictions.
Users are responsible for filtering sensitive headers, tokens, cookies, and personal data where necessary.