Vulnerabilities > CVE-2019-0976 - Unspecified vulnerability in Microsoft Nuget 5.0.2

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

local

low complexity

microsoft

NVD

Published: 2019-05-16

Updated: 2024-11-21

Summary

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Nuget 5.0.2	1
OS	Apple Apple Macos -	1
OS	Linux Linux Linux Kernel -	1

References

http://www.securityfocus.com/bid/108210
http://www.securityfocus.com/bid/108210
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0976
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0976