CVE-2019-0976

CVE Database · CVE-2019-0976

CVE-2019-0976

· MEDIUMModified

CVSS v3.1

5.5

EPSS

1.15%

Published

May 16, 2019

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products (3)

microsoft · nugetvulnerable

apple · macos

linux · linux_kernel

References (4)

http://www.securityfocus.com/bid/108210

Broken Link

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0976

PatchVendor Advisory

http://www.securityfocus.com/bid/108210

Broken Link

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0976

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs