MAL-2024-4012 – avalonedit.net

Package

Manager: nuget
Name: avalonedit.net
Vulnerable Version: =6.3.78 || =6.3.63 || =6.3.46 || =6.3.21 || =8.3.0.93 || =6.3.5 || =6.3.100 || =6.3.80 || =6.3.6 || =6.3.37 || =6.3.77 || =6.3.79 || =6.3.71 || =6.3.38 || =6.3.62 || =6.3.13 || =6.3.41 || =6.3.65 || =8.3.0.91 || =6.3.10 || =6.3.55 || =6.3.84 || =6.3.19 || =6.3.96 || =6.3.53 || =6.3.40 || =6.3.99 || =6.3.97 || =6.3.69 || =8.3.0.92 || =6.3.26 || =6.3.49 || =6.3.98 || =6.3.15 || =6.3.66 || =6.3.52 || =6.3.67 || =6.3.33 || =6.3.17 || =6.3.14 || =6.3.2 || =6.3.43 || =6.3.72 || =6.3.8 || =6.3.85 || =8.3.0.90 || =6.3.83 || =6.3.29 || =6.3.22 || =6.3.11 || =6.3.0.90 || =6.3.23 || =6.3.89 || =6.3.3 || =6.3.34 || =6.3.95 || =6.3.16 || =8.3.0.94 || =6.3.74 || =6.3.54 || =8.4.0.95 || =6.3.25 || =6.3.56 || =6.3.87 || =6.3.92 || =6.3.35 || =6.3.39 || =6.3.57 || =6.3.88 || =6.3.1 || =6.3.91 || =6.3.24 || =6.3.45 || =6.3.18 || =6.3.90 || =6.3.82 || =6.3.36 || =6.3.9 || =6.3.12 || =6.3.31 || =6.3.51 || =6.3.59 || =6.3.60 || =6.3.76 || =8.4.0.96 || =6.3.73 || =6.3.68 || =6.3.86 || =6.3.81 || =6.3.58 || =6.3.4 || =6.3.44 || =6.3.7 || =6.3.70 || =6.3.30 || =6.3.75 || =6.3.20 || =6.3.61 || =6.3.64 || =6.3.94 || =6.3.50 || =6.3.42 || =6.3.27 || =6.3.28 || =6.3.48 || =6.3.32 || =6.3.93 || =6.3.47

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

EPSS: N/A pctlN/A

Details

Malicious code in AvalonEdit.Net (NuGet)

Metadata

Created: 2024-06-25T13:23:28Z
Modified: 2024-10-24T01:01:57Z
Source: https://github.com/ossf/malicious-packages
CWE IDs: ["CWE-506"]
Alternative ID: N/A
Finding: F448
Auto approve: 1