CVE-2019-0757

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-0757
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-0757.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-0757
Downstream
Published
2019-04-09T02:29:00.600Z
Modified
2026-03-14T09:31:33.488961Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.

References

Affected packages

Git / github.com/dotnet/cli

Affected ranges

Type
GIT
Repo
https://github.com/dotnet/cli
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d6f4336106a9b07ebeab55886b5c752991ec1b34
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
10a5923449a4314344fc73fbf253ff3443decac6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
51868761f2d5506b64166cf787ef2d25217d675c
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.1.500"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.2.100"
        }
    ]
}
Type
GIT
Repo
https://github.com/dotnet/core
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d78b3180414d35d6c7d136db753474e2ae2b33df
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        }
    ]
}

Affected versions

v1.*
v1.0.0
v1.0.0-preview2
v1.0.0-preview2.0.1
v1.0.0-preview3-004056
v1.0.0-rc1
v1.0.0-rc2
v1.0.0-rc3-004517
v1.0.0-rc4-004771
v1.0.1
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.15
v1.0.16
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.7
v1.0.8
v1.0.9
v1.1
v1.1.0
v1.1.0-preview1
v1.1.0-preview1-005051
v1.1.0-preview1-005077
v1.1.1
v1.1.10
v1.1.11
v1.1.12
v1.1.13
v1.1.2
v1.1.4
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v1.1.9
v2.*
v2.0.0
v2.0.0-preview1
v2.0.0-preview2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.7-2
v2.0.9
v2.1-preview1
v2.1-preview2
v2.1-rc1
v2.1.0
v2.1.1
v2.1.11
v2.1.12
v2.1.13
v2.1.14
v2.1.15
v2.1.16
v2.1.18
v2.1.2
v2.1.20
v2.1.22
v2.1.23
v2.1.24
v2.1.25
v2.1.29
v2.1.3
v2.1.30
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.1.8
v2.1.9
v2.2.0
v2.2.0-preview1
v2.2.0-preview2
v2.2.0-preview3
v2.2.1
v2.2.2
v2.2.3
v2.2.5
v2.2.6
v2.2.7
v2.2.8
v3.*
v3.0.0
v3.0.0-preview1
v3.0.0-preview2
v3.0.0-preview3
v3.0.0-preview4
v3.0.0-preview5
v3.0.0-preview6
v3.0.0-preview7
v3.0.0-preview8
v3.0.0-preview9
v3.0.0-rc1
v3.0.1
v3.0.2
v3.0.3
v3.1.0
v3.1.0-preview1
v3.1.0-preview2
v3.1.0-preview3
v3.1.1
v3.1.10
v3.1.11
v3.1.12
v3.1.13
v3.1.14
v3.1.15
v3.1.16
v3.1.17
v3.1.18
v3.1.19
v3.1.2
v3.1.20
v3.1.200
v3.1.201
v3.1.21
v3.1.22
v3.1.23
v3.1.24
v3.1.25
v3.1.26
v3.1.27
v3.1.28
v3.1.29
v3.1.3
v3.1.30
v3.1.31
v3.1.32
v3.1.5
v3.1.6
v3.1.7
v3.1.8
v3.1.9
v5.*
v5.0.0
v5.0.0-preview.2
v5.0.0-preview.3
v5.0.0-preview.4
v5.0.0-preview.5
v5.0.0-preview.6
v5.0.0-preview.7
v5.0.0-preview.8
v5.0.0-rc.1
v5.0.0-rc.2
v5.0.1
v5.0.10
v5.0.11
v5.0.12
v5.0.13
v5.0.14
v5.0.15
v5.0.16
v5.0.17
v5.0.2
v5.0.3
v5.0.4
v5.0.5
v5.0.6
v5.0.7
v5.0.8
v5.0.9
v6.*
v6.0.0
v6.0.0-preview.1
v6.0.0-preview.2
v6.0.0-preview.3
v6.0.0-preview.4
v6.0.0-preview.5
v6.0.0-preview.6
v6.0.0-preview.7
v6.0.0-rc.1
v6.0.0-rc.2
v6.0.1
v6.0.10
v6.0.11
v6.0.12
v6.0.13
v6.0.14
v6.0.15
v6.0.16
v6.0.18
v6.0.19
v6.0.2
v6.0.20
v6.0.21
v6.0.22
v6.0.23
v6.0.24
v6.0.25
v6.0.3
v6.0.4
v6.0.5
v6.0.6
v6.0.7
v6.0.8
v6.0.9
v7.*
v7.0.0
v7.0.0-preview.1
v7.0.0-preview.2
v7.0.0-preview.3
v7.0.0-preview.4
v7.0.0-preview.5
v7.0.0-preview.6
v7.0.0-preview.7
v7.0.0-rc.1
v7.0.0-rc.2
v7.0.1
v7.0.10
v7.0.11
v7.0.12
v7.0.13
v7.0.14
v7.0.2
v7.0.3
v7.0.4
v7.0.5
v7.0.7
v7.0.8
v7.0.9
v8.*
v8.0.0
v8.0.0-preview.1
v8.0.0-preview.2
v8.0.0-preview.3
v8.0.0-preview.4
v8.0.0-preview.5
v8.0.0-preview.6
v8.0.0-preview.7
v8.0.0-rc.1
v8.0.0-rc.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-0757.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.3.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.4.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.5.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.6.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.7.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.8.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.9.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.18.0.223"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.20.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.4"
            }
        ]
    }
]