QID 997846
Date Published: 2024-03-26
QID 997846: DotNet (Nuget) Security Update for NuGet.Commands (GHSA-3hcm-6fjc-47qq)
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default obj), aka 'NuGet Package Manager Tampering Vulnerability'.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
Solution
Refer to Github security advisory GHSA-3hcm-6fjc-47qq for updates and patch information.
Vendor References
- GHSA-3hcm-6fjc-47qq -
github.com/advisories/GHSA-3hcm-6fjc-47qq
CVEs related to QID 997846
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| GHSA-3hcm-6fjc-47qq | NuGet.Commands |
|