CVE Vulnerabilities

CVE-2022-41032

Published: Oct 11, 2022 | Modified: Jan 02, 2025
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
7.8 MODERATE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ubuntu
MEDIUM

NuGet Client Elevation of Privilege Vulnerability

Affected Software

Name Vendor Start Version End Version
.net Microsoft 6.0.0 (including) 6.0.0 (including)
.net_core Microsoft 3.1 (including) 3.1 (including)
Visual_studio_2019 Microsoft 16.0.0 (including) 16.9.26 (excluding)
Visual_studio_2019 Microsoft 16.10.0 (including) 16.11.20 (excluding)
Visual_studio_2022 Microsoft 17.0 (including) 17.0.15 (excluding)
Visual_studio_2022 Microsoft 17.2.0 (including) 17.2.9 (excluding)
Visual_studio_2022 Microsoft 17.3 (including) 17.3.6 (excluding)
Visual_studio_2022 Microsoft 17.3 (including) 17.3.7 (excluding)
.NET Core on Red Hat Enterprise Linux RedHat rh-dotnet31-dotnet-0:3.1.424-1.el7_9 *
.NET Core on Red Hat Enterprise Linux RedHat rh-dotnet60-dotnet-0:6.0.110-1.el7_9 *
Red Hat Enterprise Linux 8 RedHat dotnet6.0-0:6.0.110-1.el8_6 *
Red Hat Enterprise Linux 8 RedHat dotnet3.1-0:3.1.424-1.el8_6 *
Red Hat Enterprise Linux 8 RedHat dotnet7.0-0:7.0.100-0.4.rc2.el8_7 *
Red Hat Enterprise Linux 9 RedHat dotnet6.0-0:6.0.110-1.el9_0 *
Red Hat Enterprise Linux 9 RedHat dotnet7.0-0:7.0.100-0.5.rc2.el9_1 *
Dotnet6 Ubuntu devel *
Dotnet6 Ubuntu jammy *
Dotnet6 Ubuntu kinetic *
Dotnet6 Ubuntu upstream *

References