Lucene search

K

Ubuntu.comUB:CVE-2019-0976

HistoryMay 16, 2019 - 12:00 a.m.

CVE-2019-0976

2019-05-1600:00:00

ubuntu.com

ubuntu.com

7

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

9.0%

A tampering vulnerability exists in the NuGet Package Manager for Linux and
Mac that could allow an authenticated attacker to modify contents of the
intermediate build folder (by default “obj”), aka ‘NuGet Package Manager
Tampering Vulnerability’.

Notes

Author	Note
ebarretto	Vulnerable code introduced in 5.0.0)

References

launchpad.net/bugs/cve/CVE-2019-0976

nvd.nist.gov/vuln/detail/CVE-2019-0976

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0976

security-tracker.debian.org/tracker/CVE-2019-0976

www.cve.org/CVERecord?id=CVE-2019-0976

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

9.0%

Related for UB:CVE-2019-0976

veracode1 symantec1 cve1 osv1 github1 prion1 debiancve1 mscve1 kaspersky1 talosblog1