Are any other products affected by this vulnerability? Yes. See the following list of affected versions of NuGet.exe, NuGet.Commands, NuGet.CommandLine, and NuGet.Protocol. Customers using any of these affected versions please see <Link to NuGet advisory> for information about how to fix the vulnerability. Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 6.3.0 version or earlier Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 6.2.1 version or earlier Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 6.0.2 version or earlier Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 5.11.2 version or earlier Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 5.9.2 version or earlier Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 5.7.2 version or earlier Any NuGet.exe, NuGet.Commands, NuGet.CommandLine, NuGet.Protocol 4.9.5 version or earlier What privileges could be gained by an attacker who successfully exploited the vulnerability? The attacker would gain the rights of the user that is running the affected application.
Maturity: Exploit
<a href="https://twitter.com/ethomson">Edward Thomson</a>