PT-2019-1638 · Microsoft+2 · Nuget Package Manager+2

Publicado

2019-03-12

Atualizado

2022-04-11

CVE-2019-0757

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions NuGet Package Manager for Linux and Mac (affected versions not specified)

Description A tampering issue exists in the NuGet Package Manager that could allow an authenticated attacker to modify a NuGet package's folder structure. The vulnerability is related to insecure privilege management, which may enable a remote attacker to alter the package's folder structure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-269

Identificadores relacionados

BDU:2019-01186

CESA-2019_1259

CVE-2019-0757

RHSA-2019:0544

RHSA-2019:1259

RHSA-2019_1259

Produtos afetados

Centos

Nuget Package Manager

Red Hat

PT-2019-1638 · Microsoft+2 · Nuget Package Manager+2

CVE-2019-0757

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 20