CVSS: 7.1EPSS: 1%CPEs: 6EXPL: 0CVE-2023-29337 – NuGet Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-29337
NuGet Client Remote Code Execution Vulnerability A vulnerability was found in dotnet. This issue exists in NuGet where a potential race condition can lead to a symlink attack. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337 https://access.redhat.com/security/cve/CVE-2023-29337 https://bugzilla.redhat.com/show_bug.cgi?id=2213703 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2022-30184 – .NET and Visual Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-30184
.NET and Visual Studio Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información en .NET y Visual Studio • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184 https://access.redhat.com/security/cve/CVE-2022-30184 https://bugzilla.redhat.com/show_bug.cgi?id=2096963 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •