windows-build-tools is vulnerable to man-in-the-middle (MitM) attacks due to downloading installer packages over insecure http protocol. It may cause remote code execution (RCE) by swapping out the requested package with an attacker controlled package if the attacker is on the network or positioned in between the user and the remote server.
CPE | Name | Operator | Version |
---|---|---|---|
windows-build-tools | le | 0.7.0 |