NuGet Client Remote Code Execution Vulnerability
CVE-2023-29337
7.1HIGH
Key Information:
- Vendor
- Microsoft
- Vendor
- CVE Published:
- 14 June 2023
Summary
NuGet Client Remote Code Execution Vulnerability
Affected Version(s)
NuGet 5.11.4 Unknown 5.0.0 < 5.11.5
NuGet 6.0.4 Unknown 6.0.0 < 6.0.5
NuGet 6.2.3 Unknown 6.0.0 < 6.2.4
References
EPSS Score
0% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database