2 matches found
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in NuGet where a race condition can lead to a symlink attack. Note: Non-Linux platforms are not affected. Remediation Upgrade NuGet.Commands to version 5.11.5, 6.0.5, 6.2.4, 6.3.3, 6.4.2...
Incorrect Permission Assignment for Critical Resource
Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource due to the modification of contents in the intermediate build folder by default obj. An attacker can alter the contents of this folder by authenticating and exploiting the...