CVE-2019-0976

Published: May 16, 2019Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'.

Affected (1)

Products: Microsoft: Nuget

Microsoft

1 product

Nuget

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Microsoft Nuget	Version 5.0.2

Running on/with	Platform Versions
Apple Macos	All versions
Linux Linux Kernel	All versions

References (4)

http://www.securityfocus.com/bid/108210

Source: secure@microsoft.com

Broken Link

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0976

Source: secure@microsoft.com

PatchVendor Advisory

http://www.securityfocus.com/bid/108210

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0976

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.