You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The AKEless Build System for C#/.NET
Signed by signpath.io from repository 'https://github.com/nuke-build/nuke' commit '011956b31c05f14f3233f6241cd6fbe038824d71' (see contained AppVeyorSettings.json file for build settings).
mend-bolt-for-githubbot
changed the title
CVE-2024-0057 (Critical) detected in nuget.packaging.5.11.0.nupkg
CVE-2024-0057 (Critical) detected in nuget.packaging.6.6.1.nupkg, nuget.packaging.5.11.0.nupkg
Mar 26, 2024
mend-bolt-for-githubbot
changed the title
CVE-2024-0057 (Critical) detected in nuget.packaging.6.6.1.nupkg, nuget.packaging.5.11.0.nupkg
CVE-2024-0057 (Critical) detected in nuget.packaging.6.7.0.nupkg, nuget.packaging.6.6.1.nupkg
Apr 8, 2024
mend-bolt-for-githubbot
changed the title
CVE-2024-0057 (Critical) detected in nuget.packaging.6.6.1.nupkg, nuget.packaging.5.11.0.nupkg
CVE-2024-0057 (Critical) detected in nuget.packaging.6.7.0.nupkg, nuget.packaging.6.6.1.nupkg
Apr 8, 2024
mend-bolt-for-githubbot
changed the title
CVE-2024-0057 (Critical) detected in nuget.packaging.6.7.0.nupkg, nuget.packaging.6.6.1.nupkg
CVE-2024-0057 (Critical) detected in nuget.packaging.6.7.0.nupkg
Apr 19, 2024
mend-bolt-for-githubbot
changed the title
CVE-2024-0057 (Critical) detected in nuget.packaging.6.7.0.nupkg
CVE-2024-0057 (Critical) detected in nuke.common.8.0.0.nupkg, nuget.packaging.6.7.0.nupkg
Apr 22, 2024
CVE-2024-0057 - Critical Severity Vulnerability
nuke.common.8.0.0.nupkg
The AKEless Build System for C#/.NET Signed by signpath.io from repository 'https://github.com/nuke-build/nuke' commit '011956b31c05f14f3233f6241cd6fbe038824d71' (see contained AppVeyorSettings.json file for build settings).
Library home page: https://api.nuget.org/packages/nuke.common.8.0.0.nupkg
Path to dependency file: /build/_build.csproj
Path to vulnerable library: /home/wss-scanner/.nuget/packages/nuke.common/8.0.0/nuke.common.8.0.0.nupkg
Dependency Hierarchy:
nuget.packaging.6.7.0.nupkg
NuGet's understanding of packages. Reading nuspec, nupkgs and package signing.
Library home page: https://api.nuget.org/packages/nuget.packaging.6.7.0.nupkg
Path to dependency file: /build/_build.csproj
Path to vulnerable library: /home/wss-scanner/.nuget/packages/nuget.packaging/6.7.0/nuget.packaging.6.7.0.nupkg
Dependency Hierarchy:
Found in base branch: main
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
Publish Date: 2024-01-09
URL: CVE-2024-0057
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-68w7-72jg-6qpp
Release Date: 2024-01-09
Fix Resolution: NuGet.CommandLine - 5.11.6,6.0.6,6.3.4,6.4.3,6.6.2,6.7.1,6.8.1, NuGet.Packaging - 5.11.6,6.0.6,6.3.4,6.4.3,6.6.2,6.7.1,6.8.1
Step up your Open Source Security Game with Mend here
The text was updated successfully, but these errors were encountered: