Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:nuget/NuGet.CommandLine@6.8.1
purl pkg:nuget/NuGet.CommandLine@6.8.1
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 1.4
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-xxrj-7szv-s3cm
Aliases:
GHSA-g4vj-cjjj-v7hg
Defense in Depth update for NuGet Client ### Impact This update adds validation of the package ID and version during package download, in addition to the existing package signature validation. ### Patches #### NuGet The following NuGet.exe, NuGet.CommandLine, NuGet.Packaging, and NuGet.Protocol versions have been patched: |Affected versions|Patched version| |--|--| |>= 4.9.0, <= 4.9.6|4.9.7| |>= 5.11.0, <= 5.11.6|5.11.7| |>= 6.8.0, <= 6.8.1|6.8.2| |>= 6.11.0, <= 6.11.1|6.11.2| |>= 6.12.0, <= 6.12.4|6.12.5| |>= 6.14.0, <= 6.14.2|6.14.3| |>= 7.0.0, <= 7.0.2|7.0.3| |7.3.0|7.3.1| #### .NET SDK * .NET 8.0.126 SDK * .NET 8.0.420 SDK * .NET 9.0.116 SDK * .NET 9.0.313 SDK * .NET 10.0.106 SDK * .NET 10.0.202 SDK ### Workarounds N/A ### References https://github.com/NuGet/NuGetGallery/security/advisories/GHSA-9r3h-v4hx-rhfr ### Credit [splitline](https://x.com/_splitline_) with [DEVCORE](https://devco.re/)
6.8.2
Affected by 0 other vulnerabilities.
6.11.2
Affected by 0 other vulnerabilities.
6.12.5
Affected by 0 other vulnerabilities.
6.14.3
Affected by 0 other vulnerabilities.
7.0.3
Affected by 0 other vulnerabilities.
7.3.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:47:55.508912+00:00 GitLab Importer Fixing VCID-st1x-3kvj-nfgg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/NuGet.CommandLine/GHSA-jw42-5m4v-9c8g.yml 38.4.0
2026-04-16T07:46:04.690140+00:00 GHSA Importer Affected by VCID-xxrj-7szv-s3cm https://github.com/advisories/GHSA-g4vj-cjjj-v7hg 38.4.0
2026-04-12T00:07:41.655561+00:00 GitLab Importer Fixing VCID-st1x-3kvj-nfgg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/NuGet.CommandLine/GHSA-jw42-5m4v-9c8g.yml 38.3.0
2026-04-03T00:12:21.870694+00:00 GitLab Importer Fixing VCID-st1x-3kvj-nfgg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/NuGet.CommandLine/GHSA-jw42-5m4v-9c8g.yml 38.1.0
2026-04-01T16:04:33.537886+00:00 GHSA Importer Fixing VCID-2zs5-gfxg-efgb https://github.com/advisories/GHSA-68w7-72jg-6qpp 38.0.0
2026-04-01T16:04:18.921084+00:00 GHSA Importer Fixing VCID-st1x-3kvj-nfgg https://github.com/advisories/GHSA-jw42-5m4v-9c8g 38.0.0
2026-04-01T12:52:29.738034+00:00 GitLab Importer Fixing VCID-2zs5-gfxg-efgb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/NuGet.CommandLine/CVE-2024-0057.yml 38.0.0
2026-04-01T12:52:22.785129+00:00 GitLab Importer Fixing VCID-st1x-3kvj-nfgg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/NuGet.CommandLine/GHSA-jw42-5m4v-9c8g.yml 38.0.0
2026-04-01T12:50:30.928740+00:00 GithubOSV Importer Fixing VCID-2zs5-gfxg-efgb https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-68w7-72jg-6qpp/GHSA-68w7-72jg-6qpp.json 38.0.0
2026-04-01T12:50:01.371036+00:00 GithubOSV Importer Fixing VCID-st1x-3kvj-nfgg https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/01/GHSA-jw42-5m4v-9c8g/GHSA-jw42-5m4v-9c8g.json 38.0.0