PT-2019-1638 · Microsoft+2 · Nuget Package Manager+2

Published

2019-03-12

Updated

2022-04-11

CVE-2019-0757

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions NuGet Package Manager for Linux and Mac (affected versions not specified)

Description A tampering issue exists in the NuGet Package Manager that could allow an authenticated attacker to modify a NuGet package's folder structure. The vulnerability is related to insecure privilege management, which may enable a remote attacker to alter the package's folder structure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

BDU:2019-01186

CESA-2019_1259

CVE-2019-0757

RHSA-2019:0544

RHSA-2019:1259

RHSA-2019_1259

Affected Products

Centos

Nuget Package Manager

Red Hat

PT-2019-1638 · Microsoft+2 · Nuget Package Manager+2

CVE-2019-0757

Weakness Enumeration

Related Identifiers

Affected Products

References · 20