Skip to main content

Nuget

7 CVEs product

Monthly

CVE-2023-29337 NuGet HIGH PATCH This Week

NuGet Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

RCE Nuget
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2022-41064 NuGet MEDIUM PATCH This Month

.NET Framework Information Disclosure Vulnerability. Rated medium severity (CVSS 5.8).

Information Disclosure Net Framework Nuget
NVD
CVSS 3.1
5.8
EPSS
0.7%
CVE-2022-30184 NuGet MEDIUM PATCH This Month

.NET and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Visual Studio 2022 Net Net Core Nuget +2
NVD
CVSS 3.1
5.5
EPSS
5.3%
CVE-2021-21658 Maven CRITICAL PATCH Act Now

Jenkins Nuget Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins XXE Nuget
NVD
CVSS 3.1
9.1
EPSS
1.5%
CVE-2019-1258 NuGet HIGH PATCH This Week

An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Active Directory Authentication Library Nuget
NVD
CVSS 3.0
8.8
EPSS
3.8%
CVE-2019-0976 NuGet MEDIUM PATCH This Month

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Nuget
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2019-0757 MEDIUM PATCH This Month

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Visual Studio 2017 Nuget Mono Framework Net Core Sdk +4
NVD
CVSS 3.1
6.5
EPSS
2.7%
EPSS 1% CVSS 7.1
HIGH PATCH This Week

NuGet Client Remote Code Execution Vulnerability. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

RCE Nuget
NVD
EPSS 1% CVSS 5.8
MEDIUM PATCH This Month

.NET Framework Information Disclosure Vulnerability. Rated medium severity (CVSS 5.8).

Information Disclosure Net Framework Nuget
NVD
EPSS 5% CVSS 5.5
MEDIUM PATCH This Month

.NET and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Visual Studio 2022 Net +4
NVD
EPSS 2% CVSS 9.1
CRITICAL PATCH Act Now

Jenkins Nuget Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins XXE Nuget
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Active Directory Authentication Library +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Nuget
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Visual Studio 2017 Nuget +6
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy