CVE-2022-41032

HIGH

NuGet Client - Privilege Escalation

Title source: llm

Description

NuGet Client Elevation of Privilege Vulnerability

Exploits (1)

nomisec STUB 1 stars
by ethomson · poc
https://github.com/ethomson/cve-2022-41032

References (5)

Scores

CVSS v3 7.8
EPSS 0.1830
EPSS Percentile 95.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-269
Status published

Affected Products (12)

microsoft/.net
microsoft/.net_core
microsoft/visual_studio_2019 < 16.9.26
microsoft/visual_studio_2022 < 17.0.15
microsoft/visual_studio_2022 < 17.3.6
microsoft/visual_studio_2022 < 17.3.7
fedoraproject/fedora
fedoraproject/fedora
fedoraproject/fedora
nuget/NuGet.Commands < 4.9.6NuGet
nuget/NuGet.CommandLine < 4.9.6NuGet
nuget/NuGet.Protocol < 4.9.6NuGet

Timeline

Published Oct 11, 2022
Tracked Since Feb 18, 2026