Microsoft NuGet Package Manager CVE-2019-0976 Tampering Security Bypass Vulnerability

ID SMNTC-108210
Type symantec
Reporter Symantec Security Response
Modified 2019-05-14T00:00:00



Microsoft NuGet is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions.

Technologies Affected

  • Microsoft NuGet 5.0.2


Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only.

Updates are available. Please see the references or vendor advisory for more information.