← Back

Nuget

nuget

Vendor: Microsoft • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-29337
1Microsoft
1Nuget
Nov 21, 2024
Jun 14, 2023
N/A· v4
7.1 HIGH· v3
N/A· v2
NuGet Client Remote Code Execution Vulnerability
CVE-2022-41064
1Microsoft
2.net Framework
Nuget
Jan 2, 2025
Nov 9, 2022
N/A· v4
5.8 MEDIUM· v3
N/A· v2
.NET Framework Information Disclosure Vulnerability
CVE-2022-30184
2Fedoraproject
Microsoft
6.net
.net CoreFedora+3 more
Feb 28, 2025
Jun 15, 2022
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
.NET and Visual Studio Information Disclosure Vulnerability
CVE-2019-1258
1Microsoft
2Active Directory Authentication Library
Nuget
Feb 20, 2026
Aug 14, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform acti...Show more
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform actions in context of another user. The authenticated attacker can exploit this vulneraiblity by accessing a service configured for On-Behalf-Of flow that assigns incorrect tokens. This security update addresses the vulnerability by removing fallback cache look-up for On-Behalf-Of scenarios.Show less
CVE-2019-0976
1Microsoft
1Nuget
Nov 21, 2024
May 16, 2019
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manage...Show more
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'.Show less
CVE-2019-0757
3Microsoft
Mono ProjectRedhat
8.net Core Sdk
Enterprise LinuxEnterprise Linux Eus+5 more
Nov 21, 2024
Apr 9, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'...Show more
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.Show less