CVE-2019-0757
- Source
- https://cve.org/CVERecord?id=CVE-2019-0757
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-0757.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-0757
- Downstream
- Published
- 2019-04-09T02:29:00.600Z
- Modified
- 2026-05-28T04:04:50.712969997Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.
- Database specific
{ "unresolved_ranges": [ { "vendor_product": "microsoft:nuget", "extracted_events": [ { "last_affected": "4.3.1" }, { "last_affected": "4.4.2" }, { "last_affected": "4.5.2" }, { "last_affected": "4.6.3" }, { "last_affected": "4.7.2" }, { "last_affected": "4.8.2" }, { "last_affected": "4.9.4" } ], "cpes": [ "cpe:2.3:a:microsoft:nuget:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:nuget:4.9.4:*:*:*:*:*:*:*" ], "source": "CPE_STRING" }, { "vendor_product": "mono-project:mono_framework", "extracted_events": [ { "last_affected": "5.18.0.223" }, { "last_affected": "5.20.0" } ], "cpes": [ "cpe:2.3:a:mono-project:mono_framework:5.18.0.223:*:*:*:*:*:*:*", "cpe:2.3:a:mono-project:mono_framework:5.20.0:*:*:*:*:*:*:*" ], "source": "CPE_STRING" }, { "vendor_product": "redhat:enterprise_linux_eus", "extracted_events": [ { "last_affected": "8.1" }, { "last_affected": "8.2" }, { "last_affected": "8.4" } ], "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" ], "source": "CPE_STRING" }, { "vendor_product": "redhat:enterprise_linux_server_aus", "extracted_events": [ { "last_affected": "8.2" }, { "last_affected": "8.4" } ], "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" ], "source": "CPE_STRING" }, { "vendor_product": "redhat:enterprise_linux_server_tus", "extracted_events": [ { "last_affected": "8.2" }, { "last_affected": "8.4" } ], "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" ], "source": "CPE_STRING" } ] }- References
Affected packages
Git / github.com/dotnet/cli
Affected ranges
- Type
- GIT
- Repo
- https://github.com/dotnet/cli
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "0" }, { "last_affected": "1.1" }, { "last_affected": "2.1.500" }, { "last_affected": "2.2.100" } ], "cpe": [ "cpe:2.3:a:microsoft:.net_core_sdk:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_core_sdk:2.1.500:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_core_sdk:2.2.100:*:*:*:*:*:*:*" ], "source": "CPE_STRING" }
Affected versions
v1.*
v1.0.0-preview3-004056
v1.0.0-rc4-004771
v1.0.1
v1.0.3
v1.0.4
v1.1.0
v1.1.0-preview1-005051
v1.1.0-preview1-005077
v2.*
v2.1.300-preview1-008174
v2.1.300-preview2-008530
v2.1.400
v2.1.401
v2.1.500
v2.1.500+dependencies
v2.1.500-preview-009335
v2.2.100
v2.2.100+dependencies
v2.2.100-preview1-009349
v2.2.100-preview2-009404
v2.2.100-preview3-009430
Git / github.com/dotnet/core
Affected ranges
- Type
- GIT
- Repo
- https://github.com/dotnet/core
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "0" }, { "last_affected": "8.0" } ], "cpe": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "source": "CPE_STRING" }
Affected versions
v1.*
v1.0.0
v1.0.0-rc1
v1.0.0-rc2
v1.0.1
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.15
v1.0.16
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.7
v1.0.8
v1.0.9
v1.1
v1.1.0
v1.1.0-preview1
v1.1.1
v1.1.10
v1.1.11
v1.1.12
v1.1.13
v1.1.2
v1.1.4
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v1.1.9
v2.*
v2.0.0
v2.0.0-preview1
v2.0.0-preview2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.7-2
v2.0.9
v2.1-preview1
v2.1-preview2
v2.1-rc1
v2.1.0
v2.1.1
v2.1.11
v2.1.12
v2.1.13
v2.1.14
v2.1.15
v2.1.16
v2.1.18
v2.1.2
v2.1.20
v2.1.22
v2.1.23
v2.1.24
v2.1.25
v2.1.29
v2.1.3
v2.1.30
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.1.8
v2.1.9
v2.2.0
v2.2.0-preview1
v2.2.0-preview3
v2.2.1
v2.2.2
v2.2.3
v2.2.5
v2.2.6
v2.2.7
v2.2.8
v3.*
v3.0.0
v3.0.0-preview1
v3.0.0-preview2
v3.0.0-preview3
v3.0.0-preview4
v3.0.0-preview5
v3.0.0-preview6
v3.0.0-preview7
v3.0.0-preview8
v3.0.0-preview9
v3.0.0-rc1
v3.0.1
v3.0.2
v3.0.3
v3.1.0
v3.1.0-preview1
v3.1.0-preview2
v3.1.0-preview3
v3.1.1
v3.1.10
v3.1.11
v3.1.12
v3.1.13
v3.1.14
v3.1.15
v3.1.16
v3.1.17
v3.1.18
v3.1.19
v3.1.2
v3.1.20
v3.1.200
v3.1.201
v3.1.21
v3.1.22
v3.1.23
v3.1.24
v3.1.25
v3.1.26
v3.1.27
v3.1.28
v3.1.29
v3.1.3
v3.1.30
v3.1.31
v3.1.32
v3.1.5
v3.1.6
v3.1.7
v3.1.8
v3.1.9
v5.*
v5.0.0
v5.0.0-preview.2
v5.0.0-preview.3
v5.0.0-preview.4
v5.0.0-preview.5
v5.0.0-preview.6
v5.0.0-preview.7
v5.0.0-preview.8
v5.0.0-rc.1
v5.0.0-rc.2
v5.0.1
v5.0.10
v5.0.11
v5.0.12
v5.0.13
v5.0.14
v5.0.15
v5.0.16
v5.0.17
v5.0.2
v5.0.3
v5.0.4
v5.0.5
v5.0.6
v5.0.7
v5.0.8
v5.0.9
v6.*
v6.0.0
v6.0.0-preview.1
v6.0.0-preview.2
v6.0.0-preview.3
v6.0.0-preview.4
v6.0.0-preview.5
v6.0.0-preview.6
v6.0.0-preview.7
v6.0.0-rc.1
v6.0.0-rc.2
v6.0.1
v6.0.10
v6.0.11
v6.0.12
v6.0.13
v6.0.14
v6.0.15
v6.0.16
v6.0.18
v6.0.19
v6.0.2
v6.0.20
v6.0.21
v6.0.22
v6.0.23
v6.0.24
v6.0.25
v6.0.3
v6.0.4
v6.0.5
v6.0.6
v6.0.7
v6.0.8
v6.0.9
v7.*
v7.0.0
v7.0.0-preview.1
v7.0.0-preview.2
v7.0.0-preview.3
v7.0.0-preview.4
v7.0.0-preview.5
v7.0.0-preview.6
v7.0.0-preview.7
v7.0.0-rc.1
v7.0.0-rc.2
v7.0.1
v7.0.10
v7.0.11
v7.0.12
v7.0.13
v7.0.14
v7.0.2
v7.0.3
v7.0.4
v7.0.5
v7.0.7
v7.0.8
v7.0.9
v8.*
v8.0.0
v8.0.0-preview.1
v8.0.0-preview.2
v8.0.0-preview.3
v8.0.0-preview.4
v8.0.0-preview.5
v8.0.0-preview.6
v8.0.0-preview.7
v8.0.0-rc.1
v8.0.0-rc.2