Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'.
AnalysisAI
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Technical ContextAI
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'. Affected products include: Microsoft Nuget.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Jenkins Nuget Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rat
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in th
NuGet Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploit
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attack
.NET Framework Information Disclosure Vulnerability. Rated medium severity (CVSS 5.8).
.NET and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today