NuGet package
nuget.commands
pkg:nuget/nuget.commands
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-29337 | — | >= 6.0.0, < 6.0.5 | 6.0.5 | Jun 14, 2023 | NuGet Client Remote Code Execution Vulnerability | ||
| CVE-2022-41032 | — | >= 4.6.0, < 4.9.6 | 4.9.6 | Oct 11, 2022 | NuGet Client Elevation of Privilege Vulnerability | ||
| CVE-2022-30184 | — | >= 3.5.0, < 4.9.5 | 4.9.5 | Jun 15, 2022 | .NET and Visual Studio Information Disclosure Vulnerability | ||
| CVE-2019-0976 | — | >= 5.0.0, < 5.0.2 | 5.0.2 | May 16, 2019 | A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'. |
- CVE-2023-29337Jun 14, 2023affected >= 6.0.0, < 6.0.5fixed 6.0.5
NuGet Client Remote Code Execution Vulnerability
- CVE-2022-41032Oct 11, 2022affected >= 4.6.0, < 4.9.6fixed 4.9.6
NuGet Client Elevation of Privilege Vulnerability
- CVE-2022-30184Jun 15, 2022affected >= 3.5.0, < 4.9.5fixed 4.9.5
.NET and Visual Studio Information Disclosure Vulnerability
- CVE-2019-0976May 16, 2019affected >= 5.0.0, < 5.0.2fixed 5.0.2
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'.